Diffstat (limited to 'inc')
-rw-r--r-- | inc/common.php | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/inc/common.php b/inc/common.php
index c056e8f31..dfc563b7f 100644
--- a/inc/common.php
+++ b/inc/common.php
@@ -68,6 +68,8 @@ function getSecurityToken(){
 * Check the secret CSRF token
 */
 function checkSecurityToken($token=null){
+ if(!$_SERVER['REMOTE_USER']) return true; // no logged in user, no need for a check
+
 if(is_null($token)) $token = $_REQUEST['sectok'];
 if(getSecurityToken() != $token){
 msg('Security Token did not match. Possible CSRF attack.',-1); |
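Review bot: The new early return at the top of checkSecurityToken() tests `$_SERVER['REMOTE_USER']` by truthiness, so a login name of `0` counts as anonymous and skips the token check entirely, and the index is read without confirming it is set. A stricter guard would be `if(!isset($_SERVER['REMOTE_USER']) || $_SERVER['REMOTE_USER'] === '') return true;`. The comment should also state the assumption behind the bypass: if anonymous visitors can reach any state-changing action guarded by this function (not visible in this hunk), those requests are no longer token-checked. Separately, the unchanged comparison `getSecurityToken() != $token` is loose and not constant-time; `!==`, or `hash_equals()` where the supported PHP version provides it, would be safer. The function body continues past the end of the hunk.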