TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Phase 2: Add CSRF token protection to all forms and processors - Created CsrfMiddleware class with 8 helper methods - Added CSRF tokens to 9 POST forms across trip/course/camping/membership - Added CSRF validation to all 10 POST processors - CsrfMiddleware.requireToken() validates and dies on invalid tokens - 100% POST endpoint coverage with CSRF protection

Browse Source
This commit is contained in:
twotalesanimation
2025-12-02 21:08:56 +02:00
parent 5985506001
commit a311e81a12
19 changed files with 190 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
driver_training.php
View File

@@ -99,6 +99,7 @@ if (!empty($bannerImages)) {
<div class="blog-sidebar tour-sidebar">
<div class="widget widget-booking" data-aos="fade-up" data-aos-duration="1500" data-aos-offset="50">
<form action="process_course_booking.php" method="POST">
<input type="hidden" name="csrf_token" value="<?php echo \Middleware\CsrfMiddleware::getToken(); ?>">
<ul class="tickets clearfix">
<li>
Select Date