Browse code

avoid undefined index

Hanno authored on29/07/2018 09:09:05
Showing1 changed files
... ...
@@ -260,7 +260,8 @@ function are_you_sure($query_string, $question)
260 260
 function user_is_sure()
261 261
 {
262 262
     if (isset($_POST['really'])) {
263
-        if ($_POST['random_token'] == $_SESSION['are_you_sure_token']) {
263
+        if (array_key_exists('random_token', $_POST) &&
264
+            ($_POST['random_token'] == $_SESSION['are_you_sure_token'])) {
264 265
             return true;
265 266
         } else {
266 267
             system_failure("Possible Cross-site-request-forgery detected!");