Project-Pro/orderPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(03-tech-debt): standardize CSRF field name to _token

Browse Source 
Phase 3 complete:
- Zmieniono _csrf_token -> _token w OrdersController (1x), ShipmentController (2x)
- Zmieniono name="_csrf_token" -> name="_token" w orders/show.php (1x), shipments/prepare.php (2x)
- Usunięto concern z .paul/codebase/CONCERNS.md

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Jacek Pyziak
2026-03-13 00:58:59 +01:00
parent 880ab5933f
commit 7b29fd9e02
10 changed files with 298 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
resources/views/shipments/prepare.php
View File

@@ -105,7 +105,7 @@ $defaultCodAmount = $isCod ? number_format($totalWithTax, 2, '.', '') : '0';
-
<?php else: ?>
<form method="post" action="/orders/<?= $e((string) ($orderId ?? 0)) ?>/shipment/<?= $e((string) $pkgId) ?>/label" style="display:inline">
<input type="hidden" name="_csrf_token" value="<?= $e($csrfToken ?? '') ?>">
<input type="hidden" name="_token" value="<?= $e($csrfToken ?? '') ?>">
<button type="submit" class="btn btn--sm btn--secondary">Pobierz</button>
</form>
<?php endif; ?>
@@ -138,7 +138,7 @@ $defaultCodAmount = $isCod ? number_format($totalWithTax, 2, '.', '') : '0';
<?php endif; ?>
<form method="post" action="/orders/<?= $e((string) ($orderId ?? 0)) ?>/shipment/create" novalidate>
<input type="hidden" name="_csrf_token" value="<?= $e($csrfToken ?? '') ?>">
<input type="hidden" name="_token" value="<?= $e($csrfToken ?? '') ?>">
<div class="shipment-grid mt-16">
<section class="card">