php-mpos

History

xisi 3006cb544f Reworked csrf tokens, now enabled globally The way this now works is, if csrf is enabled: * Any new or existing template can have csrf protection by adding the hidden input ctoken that's in this batch to its form, removes any logic in templates * Page controllers that already exist have been updated, new ones only require checking if csrf is enabled and valid	2014-01-24 13:00:24 -05:00
..
change.inc.php	Reworked csrf tokens, now enabled globally	2014-01-24 13:00:24 -05:00
reset.inc.php	Reworked csrf tokens, now enabled globally	2014-01-24 13:00:24 -05:00

xisi 3006cb544f Reworked csrf tokens, now enabled globally

The way this now works is, if csrf is enabled:
 * Any new or existing template can have csrf protection by adding the hidden input ctoken that's in this batch to its form, removes any logic in templates
 * Page controllers that already exist have been updated, new ones only require checking if csrf is enabled and valid

2014-01-24 13:00:24 -05:00

change.inc.php

Reworked csrf tokens, now enabled globally

2014-01-24 13:00:24 -05:00

reset.inc.php

Reworked csrf tokens, now enabled globally

2014-01-24 13:00:24 -05:00