Protect admin pages Change-Id: I09e77bf11424c7dbad22f925f2563138a5f9c563

commit: 3636291700fe448968f4bcc59bfb40478b4ba6eb [log] [tgz]
author: Adrià Vilanova Martínez <me@avm99963.com> Sun Nov 20 01:30:13 2022 +0100
committer: Adrià Vilanova Martínez <me@avm99963.com> Sun Nov 20 01:30:13 2022 +0100
tree: 2679abacfe2726581c9ad34dd62df6b6ad42ece5
parent: 30e6495bda37fb31fcc7a91e08afab86fed807fa [diff] [blame]
diff --git a/admin/insert.php b/admin/insert.php
index 883ca8a..9f5abb2 100644
--- a/admin/insert.php
+++ b/admin/insert.php

@@ -1,7 +1,12 @@
 <?php
 	require '../credentials.php';
 	require '../php/utils.php';
-	
+
+	$credentials = new Credentials();
+	if ($credentials->adminToken != ($_POST["token"] ?? "")) {
+		exit();
+	}
+
 	$csvname = $_FILES['csvname']['tmp_name'];
 	$dbname = $_POST['dbname'];
commit	3636291700fe448968f4bcc59bfb40478b4ba6eb	[log] [tgz]
author	Adrià Vilanova Martínez <me@avm99963.com>	Sun Nov 20 01:30:13 2022 +0100
committer	Adrià Vilanova Martínez <me@avm99963.com>	Sun Nov 20 01:30:13 2022 +0100
tree	2679abacfe2726581c9ad34dd62df6b6ad42ece5
parent	30e6495bda37fb31fcc7a91e08afab86fed807fa [diff] [blame]