- if (isset($i_newdb)) {
- list($msg1, $err1) = proc::newdb($User, $i_newdb);
- }
- if (isset($i_drop)) {
- list($msg1, $err1) = proc::drop($User, $i_drop);
+ if($_SESSION['csrf_token'] != $_POST['csrf_token'])
+ {
+ $err1[] = "CSRF token incorrect or not found. Try submitting again.";
+ } else {
+ if (isset($i_newdb)) {
+ list($msg1, $err1) = proc::newdb($User, $i_newdb);
+ }
+ if (isset($i_drop)) {
+ list($msg1, $err1) = proc::drop($User, $i_drop);
+ }