xinyin025/TravianZ
1
0
Fork 0
mirror of https://github.com/Shadowss/TravianZ.git synced 2026-06-28 00:24:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ca991408c1572fc2919055995238e8c1e6ab5791
TravianZ/GameEngine/Admin
T
History
Ferywir ca991408c1 fix(admin): verify CSRF token in village admin Mods [#139] (#259) 
editVillageOwner, renameVillage, editBuildings and editResources are POSTed
to directly, bypassing admin.php's central csrf_verify(). Add csrf_verify()
(after the admin access check, via the shared GameEngine/Admin/csrf.php) and
csrf_field() in their forms (editVillage.tpl, village.tpl, editResources.tpl).

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 10:31:08 +03:00
..
Mods
fix(admin): verify CSRF token in village admin Mods [#139] (#259)
2026-06-23 10:31:08 +03:00
.htaccess
GameEngine and install folders have 777 already set by default
2016-07-02 21:39:28 +02:00
admin.php
Change some text on license TravianZ
2025-02-11 11:22:22 +02:00
ajax.js
GameEngine and install folders have 777 already set by default
2016-07-02 21:39:28 +02:00
csrf.php
fix(admin): wire CSRF token into admin.php-routed forms [#139] (#244)
2026-06-20 06:44:12 +03:00
database.php
feat: IP ban support (#185) (#188)
2026-06-09 15:15:27 +03:00
function.php
feat: IP ban support (#185) (#188)
2026-06-09 15:15:27 +03:00
index.php
Change some text on license TravianZ
2025-02-11 11:22:22 +02:00
welcome.tpl
fix sql export-import - use html entities
2025-02-06 21:00:09 +02:00