TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: Correct CSRF token validation in process_trip processor

Browse Source
This commit is contained in:
twotalesanimation
2025-12-04 17:07:29 +02:00
parent 1767337d99
commit 5a2c48f343
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/processors/process_trip.php
View File

@@ -15,7 +15,7 @@ if (empty($_SESSION['user_id']) || !in_array($_SESSION['role'] ?? '', ['admin',
}
// Validate CSRF token
if (empty($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token'] ?? '') {
if (empty($_POST['csrf_token']) || $_POST['csrf_token'] !== ($_SESSION['csrf_token'] ?? '')) {
ob_end_clean();
echo json_encode(['status' => 'error', 'message' => 'Invalid CSRF token']);
exit;