installation_error_fix

libraries/csrf-magic/csrf-magic.php

@@ -233,7 +233,7 @@ function csrf_get_tokens() {
     // any cookies. It may or may not be used, depending on whether or not
     // the cookies "stick"
     $secret = csrf_get_secret();
-    if (!$has_cookies && $secret) {
+    if (!$has_cookies && $secret && isset($_SERVER['IP_ADDRESS'])) {
         // :TODO: Harden this against proxy-spoofing attacks
         $ip = ';ip:' . csrf_hash($_SERVER['IP_ADDRESS']);
     } else {

vtlib/Vtiger/Functions.php

@@ -1473,7 +1473,7 @@ class Vtiger_Functions {
      */
     public static function validateRequestParameters($request) {
         foreach (self::$type as $param => $type) {
-            if ($request[$param] && !self::validateRequestParameter($type, $request[$param])) {
+            if ( isset($request[$param])&& $request[$param] && !self::validateRequestParameter($type, $request[$param])) {
                 http_response_code(400);
                 throw new Exception('Bad Request');
             }