Digitalstack/myaac
2
0
Fork 0
mirror of https://github.com/slawkens/myaac.git synced 2025-10-17 19:23:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

feature: csrf protection

Browse Source
This commit is contained in:
slawkens
2023-09-16 09:23:51 +02:00
parent 046c0b5cf4
commit 0e33fd103c
72 changed files with 332 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
system/pages/account/change_email.php
View File

@@ -92,18 +92,22 @@ else
<tr>
<td width="30">&nbsp;</td>
<td align=left>
<form action="' . getLink('account/email') . '" method="post"><input type="hidden" name="changeemailsave" value=1 >
<form action="' . getLink('account/email') . '" method="post">
' . csrf() . '
<input type="hidden" name="changeemailsave" value=1 >
<INPUT TYPE=image NAME="I Agree" SRC="' . $template_path . '/images/global/buttons/sbutton_iagree.gif" BORDER=0 WIDTH=120 HEIGHT=17>
</form>
</td>
<td align=left>
<form action="' . getLink('account/email') . '" method="post">
' . csrf() . '
<input type="hidden" name="emailchangecancel" value=1 >
' . $twig->render('buttons.cancel.html.twig') . '
</form>
</td>
<td align=right>
<form action="?subtopic=accountmanagement" method="post" >
' . csrf() . '
' . $twig->render('buttons.back.html.twig') . '
</form>
</td>
@@ -125,6 +129,7 @@ else
<td>
<table border="0" cellspacing="0" cellpadding="0" >
<form action="' .getLink('account/email') . '" method="post" >
' . csrf() . '
<tr>
<td style="border:0px;" >
<input type="hidden" name="emailchangecancel" value="1" >
@@ -137,6 +142,7 @@ else
<td>
<table border="0" cellspacing="0" cellpadding="0" >
<form action="' . getLink('account/manage') . '" method="post" >
' . csrf() . '
<tr>
<td style="border:0px;" >
' . $twig->render('buttons.back.html.twig') . '