bug 2844: improve security on LocalFiles Editor, add pwg_token to avoid CSRF

git-svn-id: http://piwigo.org/svn/branches/2.4@20713 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall
2013-02-12 10:11:30 +00:00
parent ff5b60a215
commit 5b07a9bfd2
2 changed files with 4 additions and 0 deletions
@@ -27,6 +27,7 @@ if (document.getElementById("text") != null)
</div>
<form method="post" class="properties" action="{$F_ACTION}" ENCTYPE="multipart/form-data" name="form">
<input type="hidden" name="pwg_token" value="{$PWG_TOKEN}">
<div id="LocalFilesEditor">