feature: csrf protection

2026-01-14 02:21:30 +01:00 · 2023-09-16 09:23:51 +02:00
parent 046c0b5cf4
commit 0e33fd103c
72 changed files with 332 additions and 39 deletions
--- a/system/templates/faq.form.html.twig
+++ b/system/templates/faq.form.html.twig
@@ -1,7 +1,8 @@
 <form method="post" action="{{ link }}">
-    {% if action == 'edit' %}
-        <input type="hidden" name="id" value="{{ id }}" />
-    {% endif %}
+	{{ csrf() }}
+	{% if action == 'edit' %}
+		<input type="hidden" name="id" value="{{ id }}" />
+	{% endif %}
 	<table width="100%" border="0" cellspacing="1" cellpadding="4">
 		<tr>
 			<td bgcolor="{{ config.vdarkborder }}" class="white"><b>{% if action == 'edit' %}Edit{% else %}Add{% endif %} FAQ</b></td>
@@ -23,4 +24,4 @@
 			</td>
 		</tr>
 	</table>
-</form>
+</form>