From 06a70b8611401b5684943080081b6d3eb58a9d23 Mon Sep 17 00:00:00 2001
From: webfarben <kontakt@webfarben.net>
Date: Wed, 11 Mar 2026 21:38:25 +0100
Subject: [PATCH] Fix: use CSRF token manager for Contao 5 request token

---
 src/Backend/DummyCopierModule.php | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/src/Backend/DummyCopierModule.php b/src/Backend/DummyCopierModule.php
index 5067b3c..8040c90 100644
--- a/src/Backend/DummyCopierModule.php
+++ b/src/Backend/DummyCopierModule.php
@@ -25,7 +25,7 @@ class DummyCopierModule extends BackendModule
         $connection = System::getContainer()->get('database_connection');
 
         $this->Template->action = Environment::get('request');
-        $this->Template->requestToken = \defined('REQUEST_TOKEN') ? REQUEST_TOKEN : '';
+        $this->Template->requestToken = $this->getCsrfToken();
         $this->Template->pageChoices = $this->getPageChoices($connection);
         $this->Template->moduleChoices = $this->getModuleChoices($connection);
         $this->Template->contentChoices = $this->getContentChoices($connection);
@@ -139,6 +139,26 @@ class DummyCopierModule extends BackendModule
         return $ids[0] ?? 0;
     }
 
+    private function getCsrfToken(): string
+    {
+        $container = System::getContainer();
+
+        // Contao 5: use Symfony CSRF token manager
+        if ($container->has('contao.csrf.token_manager')) {
+            return $container
+                ->get('contao.csrf.token_manager')
+                ->getToken((string) $container->getParameter('contao.csrf_token_name'))
+                ->getValue();
+        }
+
+        // Contao 4 fallback
+        if (\defined('REQUEST_TOKEN')) {
+            return REQUEST_TOKEN;
+        }
+
+        return '';
+    }
+
     /**
      * @return array<int,string>
      */