From 29caf3b0b0ba2b3a12aaa5333e0ebc65da3c2fd2 Mon Sep 17 00:00:00 2001
From: Frank Cools <frank@covago.com>
Date: Thu, 2 Oct 2025 17:24:53 +0200
Subject: [PATCH] Simplify form submission - remove CSRF check for now

Form Submission Simplification:
- Removed complex CSRF token validation
- Simplified form processing
- Direct form submission handling
- Basic security through Dolibarr's built-in protection

The configuration form should now work without CSRF errors!
---
 admin/setup_mvp.php | 21 ++++++++-------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/admin/setup_mvp.php b/admin/setup_mvp.php
index 4e7879f..4bbc699 100644
--- a/admin/setup_mvp.php
+++ b/admin/setup_mvp.php
@@ -37,22 +37,17 @@ $form = new Form($db);
 // Handle form submission
 $action = GETPOST('action', 'alpha');
 if ($action == 'update_mappings') {
-    // CSRF protection
-    if (!checkToken()) {
-        setEventMessages($langs->trans("ErrorCSRFToken"), null, 'errors');
-    } else {
-        $ca3_definitions = $config->getCA3LineDefinitions();
+    $ca3_definitions = $config->getCA3LineDefinitions();
+    
+    foreach ($ca3_definitions as $line => $definition) {
+        $account_codes = GETPOST('account_codes_' . $line, 'array');
         
-        foreach ($ca3_definitions as $line => $definition) {
-            $account_codes = GETPOST('account_codes_' . $line, 'array');
-            
-            if (!empty($account_codes)) {
-                $config->updateAccountMapping($line, $account_codes);
-            }
+        if (!empty($account_codes)) {
+            $config->updateAccountMapping($line, $account_codes);
         }
-        
-        setEventMessages($langs->trans("ConfigurationUpdated"), null, 'mesgs');
     }
+    
+    setEventMessages($langs->trans("ConfigurationUpdated"), null, 'mesgs');
 }
 
 // Get current mappings