PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 19:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: correct require_once path depth in admin action files

Browse Source
This commit is contained in:
Pontoporeia
2026-03-31 16:15:36 +02:00
parent 94f3fb6736
commit e5d0598208
5 changed files with 11 additions and 1303 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
public/admin/actions/publish.php
View File

@@ -1,7 +1,7 @@
<?php
// Bootstrap application
require_once __DIR__ . "/../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php';
require_once __DIR__ . "/../../../config/bootstrap.php";
require_once __DIR__ . '/../../../src/AdminAuth.php';
/**
* Handle publish/unpublish actions for theses
@@ -9,7 +9,7 @@ require_once __DIR__ . '/../../src/AdminAuth.php';
// PHP-level auth guard (defence-in-depth behind nginx Basic Auth)
AdminAuth::requireLogin();
require_once __DIR__ . '/../../src/Database.php';
require_once __DIR__ . '/../../../src/Database.php';
// Verify CSRF token
if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token']) || !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {