From 522d84f2033e3c201848cb5b364ec051a00c9694 Mon Sep 17 00:00:00 2001
From: Yasen Pramatarov <yasen@lindeas.com>
Date: Wed, 28 May 2025 10:16:12 +0300
Subject: [PATCH] Bugfixes theme changer page

---
 app/pages/theme.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/app/pages/theme.php b/app/pages/theme.php
index 9abaf41..8d245f7 100644
--- a/app/pages/theme.php
+++ b/app/pages/theme.php
@@ -9,6 +9,10 @@
  * - switch_to: Changes the active theme for the current user
  */
 
+// Initialize security
+require_once '../app/helpers/security.php';
+$security = SecurityHelper::getInstance();
+
 // Only allow access to logged-in users
 if (!Session::isValidSession()) {
     header('Location: ' . $app_root . '?page=login');
@@ -20,9 +24,6 @@ if (isset($_GET['switch_to'])) {
     $themeName = $_GET['switch_to'];
 
     // Validate CSRF token for state-changing operations
-    require_once '../app/helpers/security.php';
-    $security = SecurityHelper::getInstance();
-
     if (!$security->verifyCsrfToken($_GET['csrf_token'] ?? '')) {
         Feedback::flash('SECURITY', 'CSRF_INVALID');
         header("Location: $app_root?page=theme");