not needed stuff removed
This commit is contained in:
Ryan
1
auth.js
1
auth.js
@@ -15,7 +15,6 @@ function initAuth() {
|
||||
username: document.getElementById("loginUsername").value.trim(),
|
||||
password: document.getElementById("loginPassword").value.trim()
|
||||
};
|
||||
console.log("Sending login data:", formData);
|
||||
// Include CSRF token header with login
|
||||
sendRequest("auth.php", "POST", formData, { "X-CSRF-Token": window.csrfToken })
|
||||
.then(data => {
|
||||
|
||||
@@ -867,7 +867,6 @@ function adjustEditorSize() {
|
||||
if (modal && window.currentEditor) {
|
||||
const modalHeight = modal.getBoundingClientRect().height || 600;
|
||||
const newEditorHeight = Math.max(modalHeight * 0.80, 5) + "px";
|
||||
console.log("Adjusting editor height to:", newEditorHeight);
|
||||
window.currentEditor.setSize("100%", newEditorHeight);
|
||||
}
|
||||
}
|
||||
@@ -881,7 +880,6 @@ function observeModalResize(modal) {
|
||||
}
|
||||
|
||||
export function editFile(fileName, folder) {
|
||||
console.log("Edit button clicked for:", fileName);
|
||||
let existingEditor = document.getElementById("editorContainer");
|
||||
if (existingEditor) {
|
||||
existingEditor.remove();
|
||||
@@ -895,7 +893,6 @@ export function editFile(fileName, folder) {
|
||||
fetch(fileUrl, { method: "HEAD" })
|
||||
.then(response => {
|
||||
const contentLength = response.headers.get("Content-Length");
|
||||
console.log("Content-Length:", contentLength);
|
||||
if (!contentLength || parseInt(contentLength) > 10485760) {
|
||||
showToast("This file is larger than 10 MB and cannot be edited in the browser.");
|
||||
throw new Error("File too large.");
|
||||
|
||||
@@ -329,7 +329,6 @@
|
||||
</div>
|
||||
|
||||
<!-- JavaScript Files -->
|
||||
<script src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
|
||||
<script type="module" src="main.js"></script>
|
||||
</body>
|
||||
|
||||
|
||||
13
logout.php
13
logout.php
@@ -2,15 +2,18 @@
|
||||
session_start();
|
||||
$headers = array_change_key_case(getallheaders(), CASE_LOWER);
|
||||
$receivedToken = isset($headers['x-csrf-token']) ? trim($headers['x-csrf-token']) : '';
|
||||
if ($receivedToken !== $_SESSION['csrf_token']) {
|
||||
echo json_encode(["error" => "Invalid CSRF token"]);
|
||||
http_response_code(403);
|
||||
exit;
|
||||
|
||||
// Fallback: If a CSRF token exists in the session and doesn't match the one provided,
|
||||
// log the mismatch but proceed with logout.
|
||||
if (isset($_SESSION['csrf_token']) && $receivedToken !== $_SESSION['csrf_token']) {
|
||||
// Optionally log this event:
|
||||
error_log("CSRF token mismatch on logout. Proceeding with logout.");
|
||||
}
|
||||
|
||||
$_SESSION = []; // Clear session data
|
||||
session_destroy(); // Destroy session
|
||||
|
||||
header('Content-Type: application/json');
|
||||
echo json_encode(["success" => "Logged out"]);
|
||||
exit;
|
||||
?>
|
||||
?>
|
||||
Reference in New Issue
Block a user