diff options
| author | Frédéric Guillot <fred@kanboard.net> | 2018-01-29 11:31:54 -0800 |
|---|---|---|
| committer | Frédéric Guillot <fred@kanboard.net> | 2018-01-29 11:31:54 -0800 |
| commit | 357316cdf956b83df890b7bc14b772f49159c3df (patch) | |
| tree | 3c58dd9e5cfbef64c135bfa662b296489dd89993 /app/Controller | |
| parent | 573754c450211a57a1c3939d5d0326570f5efa58 (diff) | |
Add missing CSRF check in saveUploadDB() method
Diffstat (limited to 'app/Controller')
| -rw-r--r-- | app/Controller/ConfigController.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/app/Controller/ConfigController.php b/app/Controller/ConfigController.php index 2ea04b35..fcdd6972 100644 --- a/app/Controller/ConfigController.php +++ b/app/Controller/ConfigController.php @@ -199,6 +199,7 @@ class ConfigController extends BaseController */ public function saveUploadedDb() { + $this->checkCSRFParam(); $filename = $this->request->getFilePath('file'); if (!file_exists($filename) || !$this->configModel->uploadDatabase($filename)) { |