From 5a2c48f3435ab1694813da03a99272afd9a8316b Mon Sep 17 00:00:00 2001
From: twotalesanimation <80506065+twotalesanimation@users.noreply.github.com>
Date: Thu, 4 Dec 2025 17:07:29 +0200
Subject: [PATCH] Fix: Correct CSRF token validation in process_trip processor

---
 src/processors/process_trip.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/processors/process_trip.php b/src/processors/process_trip.php
index d9720a9e..9d46bb62 100644
--- a/src/processors/process_trip.php
+++ b/src/processors/process_trip.php
@@ -15,7 +15,7 @@ if (empty($_SESSION['user_id']) || !in_array($_SESSION['role'] ?? '', ['admin',
 }
 
 // Validate CSRF token
-if (empty($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token'] ?? '') {
+if (empty($_POST['csrf_token']) || $_POST['csrf_token'] !== ($_SESSION['csrf_token'] ?? '')) {
     ob_end_clean();
     echo json_encode(['status' => 'error', 'message' => 'Invalid CSRF token']);
     exit;