Add anti-CSRF token

phpcs-errors:238 phpunit-status:successful
2020-07-03 16:41:31 +02:00
parent 5af012ba8b
commit 9d73a9b61e
3 changed files with 45 additions and 6 deletions
--- a/index.php
+++ b/index.php
@ -43,6 +43,7 @@ echo '

 <div class="uploader">
    <form enctype="multipart/form-data" action="upload.php" method="POST">
+        <input type="hidden" id="csrf-token" name="csrf-token" aria-label="Anti-CSRF Token" value="' . htmlspecialchars(getAntiCsrfToken()) . '" />
        <label for="fileToUpload">' . $csvxml_overview['select_csv_file_for_upload'] . '</label>
        <input name="uploaded" type="file" accept=".csv" id="fileToUpload" required />
        <button type="submit">' . $csvxml_overview['upload'] . '</button>