mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-05-03 08:19:27 -05:00
Code Issues Packages Projects Releases Wiki Activity

remove csrf token from login page

Browse Source
This commit is contained in:
Eric Schultz
2019-09-20 14:57:36 -05:00
parent 655b3ed883
commit 0f03ad6f98
2 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
plugins/dynamix/include/local_prepend.php
+1 -1
View File
@@ -22,7 +22,7 @@ putenv('PATH=.:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin');
chdir('/usr/local/emhttp');
setlocale(LC_ALL,'en_US.UTF-8');
date_default_timezone_set(substr(readlink('/etc/localtime-copied-from'),20));
if ($_SERVER['SCRIPT_NAME'] != '/auth_request.php' && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
if ($_SERVER['SCRIPT_NAME'] != '/login.php' && $_SERVER['SCRIPT_NAME'] != '/auth_request.php' && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
if (!isset($var)) $var = parse_ini_file('state/var.ini');
if (!isset($var['csrf_token'])) csrf_terminate("uninitialized");
if (!isset($_POST['csrf_token'])) csrf_terminate("missing");