• Registered: 2008-10-24
  • Posts: 19

Topic: Question regarding disabling CSRF

I am currently including common.php into a custom site I am building in order to include some user functionality. I had a problem where post information that I sent from a form on my site was being picked up by a function in functions.php, and it was using CSRF to alter my forms (and subsequently the output).

I disabled CSRF at the top of the commons.php page and it fixed the problem. I am wondering if this, in effect, will disable it for the entire site or not? I am not too familiar with fluxbb so I am not sure the extent to which disabling it in common.php will affect the rest of the forum.

If so, is there any other way I can solve this problem?

Thanks,
Chris Hayes

  • Smartys
  • Former FluxBB.org Developer
  • Offline
  • Registered: 2008-04-27
  • Posts: 2,099

Re: Question regarding disabling CSRF

Yes, it will. You're supposed to add the define to your file, before including common.php, not to the FluxBB file.

Smartys's Website

  • Registered: 2008-10-24
  • Posts: 19

Re: Question regarding disabling CSRF

Lawlz....very true. I clearly had a huge brain fart...thanks for pointing that out!

Regards,
Chris