fixes #2519 prevent CSRF on album notification form

admin/album_notification.php

@@ -33,6 +33,7 @@ $page['cat'] = $category['id'];
 // info by email to an access granted group of category informations
 if (isset($_POST['submitEmail']))
 {
+  check_pwg_token();
   set_make_full_url();
 
   $img = array();

admin/themes/default/template/album_notification.tpl

@@ -61,6 +61,7 @@ span.errors {
 {/html_style}
 
 <form action="{$F_ACTION}" method="post" id="categoryNotify">
+<input type="hidden" name="pwg_token" value="{$PWG_TOKEN}">
 
 <fieldset id="emailCatInfo">
   <legend><span class="icon-mail-1 icon-green"></span>{'Send mail to users'|@translate}</legend>