(cp 77f02bf) fixes #822, add token on configuration page to prevent CSRF

This commit is contained in:
plegall
2017-12-18 15:16:13 +01:00
parent 53d62e0c14
commit c3b4c6f7f0
7 changed files with 8 additions and 0 deletions
+2
View File
@@ -150,6 +150,7 @@ $mail_themes = array(
//------------------------------ verification and registration of modifications
if (isset($_POST['submit']))
{
check_pwg_token();
$int_pattern = '/^\d+$/';
switch ($page['section'])
@@ -320,6 +321,7 @@ $action.= '&section='.$page['section'];
$template->assign(
array(
'U_HELP' => get_root_url().'admin/popuphelp.php?page=configuration',
'PWG_TOKEN' => get_pwg_token(),
'F_ACTION'=>$action
));