beenull/ctrlpanel
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

FIX: csrf forms missing the hidden inputs

Browse source
This commit is contained in:
S0ly 2024-05-17 14:35:17 +02:00
parent 159ba02c84
commit ddb628a34c
36 changed files with 91 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
themes/BlueInfinity/views/layouts/main.blade.php
View file

@ -85,6 +85,7 @@
</button>
@endforeach
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</li>
@ -190,6 +191,8 @@
<i class="fas fa-sign-out-alt fa-sm fa-fw mr-2 text-gray-400"></i>
{{ __('Logout') }}
</button>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</li>

2
themes/default/views/admin/activitylogs/index.blade.php
View file

@ -56,6 +56,8 @@
<button class="btn btn-light btn-sm" type="submit"><i class="fa fa-search"></i></button>
</div>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/api/create.blade.php
View file

@ -50,6 +50,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/api/edit.blade.php
View file

@ -51,6 +51,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/coupons/create.blade.php
View file

@ -233,6 +233,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/coupons/edit.blade.php
View file

@ -234,6 +234,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/legal/index.blade.php
View file

@ -96,6 +96,8 @@
<div class="row">
<button class="btn btn-primary ml-3 mt-3">{{ __('Save') }}</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
<!-- END CUSTOM CONTENT -->

2
themes/default/views/admin/partners/create.blade.php
View file

@ -106,6 +106,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/partners/edit.blade.php
View file

@ -113,6 +113,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/products/create.blade.php
View file

@ -340,6 +340,8 @@
</div>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>

2
themes/default/views/admin/products/edit.blade.php
View file

@ -343,6 +343,8 @@
</div>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</section>

3
themes/default/views/admin/roles/edit.blade.php
View file

@ -53,6 +53,8 @@
<div class="form-group d-flex justify-content-end mt-3">
<button name="submit" type="submit" class="btn btn-primary">{{__('Submit')}}</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
@ -65,4 +67,3 @@
})
</script>
@endsection

2
themes/default/views/admin/servers/edit.blade.php
View file

@ -80,6 +80,8 @@
<button type="submit" class="btn btn-primary">{{ __('Submit') }}</button>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>
</div>

4
themes/default/views/admin/settings/index.blade.php
View file

@ -157,6 +157,8 @@
<div class="row">
<button class="mt-3 ml-3 btn btn-primary">{{ __('Save') }}</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
@foreach ($settings as $category => $options)
@ -307,6 +309,8 @@
</button>
</div>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
@endcanany

2
themes/default/views/admin/store/create.blade.php
View file

@ -152,6 +152,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/store/edit.blade.php
View file

@ -142,6 +142,8 @@
{{ __('Submit') }}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

5
themes/default/views/admin/ticket/blacklist.blade.php
View file

@ -61,7 +61,7 @@
</div>
<div class="card-body">
<form action="{{route('admin.ticket.blacklist.add')}}" method="POST" class="ticket-form">
@csrf
@csrf
<div class="p-0 mb-3 custom-control">
<label for="user_id">{{ __('User') }}:
<i data-toggle="popover" data-trigger="hover"
@ -78,6 +78,8 @@
<button type="submit" class="btn btn-primary ticket-once">
{{__('Submit')}}
</button>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>
@ -179,4 +181,3 @@
});
</script>
@endsection

7
themes/default/views/admin/ticket/category.blade.php
View file

@ -57,7 +57,7 @@
</div>
<div class="card-body">
<form action="{{route("admin.ticket.category.store")}}" method="POST" class="ticket-form">
@csrf
@csrf
<div class="form-group ">
<label for="name" class="control-label">{{__("Name")}}</label>
<input id="name" type="text" class="form-control" name="name" required>
@ -65,6 +65,8 @@
<button type="submit" class="btn btn-primary">
{{__('Submit')}}
</button>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>
@ -90,6 +92,8 @@
<button type="submit" class="btn btn-primary">
{{__('Submit')}}
</button>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>
@ -129,4 +133,3 @@
</script>
@endsection

3
themes/default/views/admin/usefullinks/create.blade.php
View file

@ -34,7 +34,6 @@
<form action="{{route('admin.usefullinks.store')}}" method="POST">
@csrf
<div class="form-group">
<label for="icon">{{__('Icon class name')}}</label>
<input value="{{old('icon')}}" id="icon" name="icon"
@ -117,6 +116,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/usefullinks/edit.blade.php
View file

@ -118,6 +118,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

15
themes/default/views/admin/users/edit.blade.php
View file

@ -106,7 +106,7 @@
@endif value="{{$role->id}}">{{$role->name}}</option>
@endforeach
</select>
</div>
</div>
</div>
<div class="form-group">
<label for="name">{{__('Referral-Code')}}</label>
@ -118,15 +118,18 @@
</div>
@enderror
</div>
@error('role')
<div class="text-danger">
{{$message}}
</div>
@enderror
@error('role')
<div class="text-danger">
{{$message}}
</div>
@enderror
<div class="form-group text-right">
<button type="submit" class="btn btn-primary">{{__('Submit')}}</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>
</div>

2
themes/default/views/admin/users/notifications.blade.php
View file

@ -104,6 +104,8 @@
<div class="form-group text-right">
<button type="submit" class="btn btn-primary">{{__('Submit')}}</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/vouchers/create.blade.php
View file

@ -133,6 +133,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/admin/vouchers/edit.blade.php
View file

@ -136,6 +136,8 @@
{{__('Submit')}}
</button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/auth/login.blade.php
View file

@ -93,6 +93,8 @@
</div>
<!-- /.col -->
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
<p class="mb-1">
@if (Route::has('password.request'))

2
themes/default/views/auth/passwords/confirm.blade.php
View file

@ -40,6 +40,8 @@
@endif
</div>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

1
themes/default/views/auth/passwords/email.blade.php
View file

@ -56,6 +56,7 @@
<!-- /.col -->
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
<p class="mt-3 mb-1">
<a href="{{ route('login') }}">{{ __('Login') }}</a>

2
themes/default/views/auth/passwords/reset.blade.php
View file

@ -67,6 +67,8 @@
</div>
<!-- /.col -->
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
<p class="mt-3 mb-1">

6
themes/default/views/auth/register.blade.php
View file

@ -154,8 +154,10 @@
<button type="submit" class="btn btn-primary">{{ __('Register') }}</button>
</div>
<!-- /.col -->
</div>
</form>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
<a href="{{ route('login') }}" class="text-center">{{ __('I already have a membership') }}</a>
</div>
<!-- /.form-box -->

2
themes/default/views/auth/verify.blade.php
View file

@ -19,6 +19,8 @@
<form class="d-inline" method="POST" action="{{ route('verification.resend') }}">
@csrf
<button type="submit" class="btn btn-link p-0 m-0 align-baseline">{{ __('click here to request another') }}</button>.
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

3
themes/default/views/layouts/main.blade.php
View file

@ -85,6 +85,7 @@
</button>
@endforeach
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</li>
@ -190,6 +191,8 @@
<i class="fas fa-sign-out-alt fa-sm fa-fw mr-2 text-gray-400"></i>
{{ __('Logout') }}
</button>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</li>

3
themes/default/views/profile/index.blade.php
View file

@ -304,8 +304,9 @@
</div>
</div>
</div>
</form>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
<!-- END CUSTOM CONTENT -->

1
themes/default/views/servers/create.blade.php
View file

@ -258,6 +258,7 @@
</div>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
<!-- END FORM -->

10
themes/default/views/servers/settings.blade.php
View file

@ -269,10 +269,11 @@
<br> <strong>{{__("Caution") }}:</strong> {{__("Upgrading/Downgrading your server will reset your billing cycle to now. Your overpayed Credits will be refunded. The price for the new billing cycle will be withdrawed")}}. <br>
<br> {{__("Server will be automatically restarted once upgraded")}}
</div>
<div class="modal-footer card-body">
<button type="submit" class="btn btn-primary upgrade-once" style="width: 100%"><strong>{{__("Change Product")}}</strong></button>
</div>
</div>
<div class="modal-footer card-body">
<button type="submit" class="btn btn-primary upgrade-once" style="width: 100%"><strong>{{__("Change Product")}}</strong></button>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>
@ -303,6 +304,7 @@
@csrf
@method('DELETE')
<button data-toggle="popover" data-trigger="hover" data-placement="top" class="btn btn-danger mr-1">{{__("Delete")}}</button>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</div>

2
themes/default/views/store/checkout.blade.php
View file

@ -223,6 +223,8 @@
</div>
</div>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>

2
themes/default/views/ticket/create.blade.php
View file

@ -132,6 +132,8 @@
</div>
</div>
</div>
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
</div>
</section>