a36a0c5b79
* Adds CSRF protection for multiple pages, see bottom * Adds User/IP/Date & time to successful login notification * New config option for sitewide CSRF protection * Fixed a bug in the contact form * Lots of cleanup related to CSRF stuff * Increments config version * CSRF protection: register, contact, account edit, workers, notifications, and invites
23 lines
1.1 KiB
PHP
23 lines
1.1 KiB
PHP
<?php
|
|
|
|
// Make sure we are called from index.php
|
|
if (!defined('SECURITY')) die('Hacking attempt');
|
|
|
|
define('MPOS_VERSION', '0.0.2');
|
|
define('DB_VERSION', '0.0.3');
|
|
define('CONFIG_VERSION', '0.0.5');
|
|
|
|
// Fetch installed database version
|
|
$db_version = $setting->getValue('DB_VERSION');
|
|
if ($db_version != DB_VERSION) {
|
|
// Notify admins via error popup
|
|
if (isset($_SESSION['USERDATA']) && $user->isAdmin($_SESSION['USERDATA']['id']))
|
|
$_SESSION['POPUP'][] = array('CONTENT' => 'Database version mismatch (Installed: ' . $db_version . ', Current: ' . DB_VERSION . '). Database update required, please import any new SQL files. Cronjobs have been halted.', 'TYPE' => 'errormsg');
|
|
}
|
|
|
|
if (@$config['version'] != CONFIG_VERSION) {
|
|
// Notify admins via error popup
|
|
if (isset($_SESSION['USERDATA']) && $user->isAdmin($_SESSION['USERDATA']['id']))
|
|
$_SESSION['POPUP'][] = array('CONTENT' => 'Configuration file version mismatch (Installed: ' . @$config['version'] . ', Current: ' . CONFIG_VERSION . '). Configuration update required, please check dist config for changes. Cronjobs have been halted.', 'TYPE' => 'errormsg');
|
|
}
|