authormensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>2008-11-17 14:24:44 +0000
committermensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>2008-11-17 14:24:44 +0000
commit54991bce619b2840452594e8a78004b7389445ed (patch)
treeb6704c154f80e8e1663ad891856cfc9f90182086 /templates
parent60b9c2c903f88e5c32e43dfbbe04679513d835ee (diff)
downloadsemanticscuttle-54991bce619b2840452594e8a78004b7389445ed.tar.gz
semanticscuttle-54991bce619b2840452594e8a78004b7389445ed.tar.bz2
Bug fix: prevent CSRF vulnerabilities on the profile page (thank you Etienne Z.)
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@164 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'templates')
-rw-r--r--templates/editprofile.tpl.php1
1 files changed, 1 insertions, 0 deletions
diff --git a/templates/editprofile.tpl.php b/templates/editprofile.tpl.php
index a38dbd8..055aab0 100644
--- a/templates/editprofile.tpl.php
+++ b/templates/editprofile.tpl.php
@@ -3,6 +3,7 @@ $this->includeTemplate($GLOBALS['top_include']);
?>
<form action="<?php echo $formaction; ?>" method="post">
+<input type="hidden" name="token" value="<?php echo $token; ?>">
</table>
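Review bot: The added hidden field echoes `$token` straight into the `value` attribute with no output encoding, so its safety depends entirely on how the token is generated elsewhere. Encoding at the point of output keeps the template safe even if the token format later changes: `<input type="hidden" name="token" value="<?php echo htmlspecialchars($token, ENT_QUOTES, 'UTF-8'); ?>">`. This view is limited to `templates/`, so the code that issues the token and checks it on POST is not visible. The field only mitigates CSRF if the handler rejects a missing or mismatched token and the token is unpredictable and bound to the user's session, which is worth confirming. The form continues past the end of the hunk.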