From 8a62e1ddc1c2c62513d210694b7433f18119a252 Mon Sep 17 00:00:00 2001
From: "greeshma.kk" <greeshma.kk@vtiger.com>
Date: Wed, 21 Aug 2019 10:38:52 +0530
Subject: [PATCH] installation_error_fix

---
 libraries/csrf-magic/csrf-magic.php | 2 +-
 vtlib/Vtiger/Functions.php          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libraries/csrf-magic/csrf-magic.php b/libraries/csrf-magic/csrf-magic.php
index 9237a13bd..02919c873 100644
--- a/libraries/csrf-magic/csrf-magic.php
+++ b/libraries/csrf-magic/csrf-magic.php
@@ -233,7 +233,7 @@ function csrf_get_tokens() {
     // any cookies. It may or may not be used, depending on whether or not
     // the cookies "stick"
     $secret = csrf_get_secret();
-    if (!$has_cookies && $secret) {
+    if (!$has_cookies && $secret && isset($_SERVER['IP_ADDRESS'])) {
         // :TODO: Harden this against proxy-spoofing attacks
         $ip = ';ip:' . csrf_hash($_SERVER['IP_ADDRESS']);
     } else {
diff --git a/vtlib/Vtiger/Functions.php b/vtlib/Vtiger/Functions.php
index b2ab241f9..c3be52453 100644
--- a/vtlib/Vtiger/Functions.php
+++ b/vtlib/Vtiger/Functions.php
@@ -1473,7 +1473,7 @@ class Vtiger_Functions {
      */
     public static function validateRequestParameters($request) {
         foreach (self::$type as $param => $type) {
-            if ($request[$param] && !self::validateRequestParameter($type, $request[$param])) {
+            if ( isset($request[$param])&& $request[$param] && !self::validateRequestParameter($type, $request[$param])) {
                 http_response_code(400);
                 throw new Exception('Bad Request');
             }
-- 
GitLab