From d619269df4b21f20aedd5c4b6d91c7aa902808b8 Mon Sep 17 00:00:00 2001
From: billz <billzimmerman@gmail.com>
Date: Tue, 31 Oct 2023 15:17:13 +0000
Subject: [PATCH] CSRF check, exec system/debuglog.sh

---
 ajax/system/sys_debug.php | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/ajax/system/sys_debug.php b/ajax/system/sys_debug.php
index a62931fc..faad8fd3 100644
--- a/ajax/system/sys_debug.php
+++ b/ajax/system/sys_debug.php
@@ -3,8 +3,13 @@
 require '../../includes/csrf.php';
 require_once '../../includes/config.php';
 
+if (isset($_POST['csrf_token'])) {
+    if (csrfValidateRequest() && !CSRFValidate()) {
+        handleInvalidCSRFToken();
+    }
+    exec( RASPI_CONFIG.'/system/debuglog.sh', $return);
+    echo json_encode(end($return));
+} else {
+    handleInvalidCSRFToken();
+}
 
-$return = 0;
-echo json_encode($return);
-
-?>