diff options
| author | mensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f> | 2008-11-17 14:24:44 +0000 |
|---|---|---|
| committer | mensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f> | 2008-11-17 14:24:44 +0000 |
| commit | 54991bce619b2840452594e8a78004b7389445ed (patch) | |
| tree | b6704c154f80e8e1663ad891856cfc9f90182086 /templates/editprofile.tpl.php | |
| parent | 60b9c2c903f88e5c32e43dfbbe04679513d835ee (diff) | |
| download | semanticscuttle-54991bce619b2840452594e8a78004b7389445ed.tar.gz semanticscuttle-54991bce619b2840452594e8a78004b7389445ed.tar.bz2 | |
Bug fix: prevent from CSRF vulnerabilities on profile page (thank you Etienne Z.)
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@164 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'templates/editprofile.tpl.php')
| -rw-r--r-- | templates/editprofile.tpl.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/templates/editprofile.tpl.php b/templates/editprofile.tpl.php index a38dbd8..055aab0 100644 --- a/templates/editprofile.tpl.php +++ b/templates/editprofile.tpl.php @@ -3,6 +3,7 @@ $this->includeTemplate($GLOBALS['top_include']); ?> <form action="<?php echo $formaction; ?>" method="post"> +<input type="hidden" name="token" value="<?php echo $token; ?>"> </table> |