Add missing csrf() into account manage actions

2025-06-10 06:44:29 +02:00 · 2025-06-09 21:18:42 +02:00 · 2025-06-09 21:18:42 +02:00 · 10cd71a663
commit 10cd71a663
parent 0812fe025d
1 changed files with 58 additions and 46 deletions
--- a/templates/tibiacom/account.management.html.twig
+++ b/templates/tibiacom/account.management.html.twig
@ -11,13 +11,14 @@
 					<td width="100%"></td>
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0" >
-							<form action="{{ getLink('account/logout') }}" method="post" >
+							<tr>
-								<tr>
+								<td style="border:0;">
-									<td style="border:0px;">
+									<form action="{{ getLink('account/logout') }}" method="post" >
 										{{ csrf() }}
 										{{ include('buttons.logout.html.twig') }}
-									</td>
+									</form>
-								</tr>
+								</td>
-							</form>
+							</tr>
 						</table>
 					</td>
 				</tr>
@ -59,13 +60,14 @@
 			</table>
 			<div style="text-align:center">
 				<table border="0" cellspacing="0" cellpadding="0" style="margin-left: auto; margin-right: auto;">
-					<form action="{{ getLink('account/register') }}" method="post">
+					<tr>
-						<tr>
+						<td style="border:0;">
-							<td style="border:0;">
+							<form action="{{ getLink('account/register') }}" method="post">
 								{{ csrf() }}
 								{{ include('buttons.register_account.html.twig') }}
-							</td>
+							</form>
-						</tr>
+						</td>
-					</form>
+					</tr>
 				</table>
 			</div>
 		</div>
@ -94,13 +96,14 @@
 			</table>
 			<div style="text-align:center">
 				<table border="0" cellspacing="0" cellpadding="0">
-					<form action="{{ getLink('account/change-email') }}" method="post">
+					<tr>
-						<tr>
+						<td style="border:0;">
-							<td style="border:0px;">
+							<form action="{{ getLink('account/change-email') }}" method="post">
 								{{ csrf() }}
 								{{ include('buttons.edit.html.twig') }}
-							</td>
+							</form>
-						</tr>
+						</td>
-					</form>
+					</tr>
 				</table>
 			</div>
 		</div>
@ -177,26 +180,29 @@
 				<tr>
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0">
-							<form action="{{ getLink('account/change-password') }}" method="post">
+							<tr>
-								<tr>
+								<td style="border:0;" >
-									<td style="border:0px;" >
+									<form action="{{ getLink('account/change-password') }}" method="post">
 										{{ csrf() }}
 										{{ include('buttons.change_password.html.twig') }}
-									</td>
+									</form>
-								</tr>
+								</td>
-							</form>
+							</tr>
 						</table>
 					</td>
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0">
-							<form action="{{ getLink('account/change-email') }}" method="post">
+							<tr>
-								<tr>
+								<td style="border:0;">
-									<td style="border:0px;">
+									<form action="{{ getLink('account/change-email') }}" method="post">
 										{{ csrf() }}
 										<input type="hidden" name="newemail" value=""/>
 										<input type="hidden" name="newemaildate" value="0">
 										{{ include('buttons.change_email.html.twig') }}
-									</td>
+									</form>
-								</tr>
+								</td>
-							</form>
+							</tr>
 						</table>
 					</td>
 					<td width="100%"></td>
@ -204,13 +210,14 @@
 					{% if recovery_key is empty %}
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0">
-							<form action="{{ getLink('account/register') }}" method="post">
+							<tr>
-								<tr>
+								<td style="border:0;">
-									<td style="border:0px;">
+									<form action="{{ getLink('account/register') }}" method="post">
 										{{ csrf() }}
 										{{ include('buttons.register_account.html.twig') }}
-									</td>
+									</form>
-								</tr>
+								</td>
-							</form>
+							</tr>
 						</table>
 					</td>
 					{% endif %}
@ -258,13 +265,14 @@
 							</td>
 							<td align=right>
 								<table border="0" cellspacing="0" cellpadding="0">
-									<form action="{{ getLink('account/change-info') }}" method="post">
+									<tr>
-										<tr>
+										<td style="border:0;">
-											<td style="border:0px;">
+											<form action="{{ getLink('account/change-info') }}" method="post">
 												{{ csrf() }}
 												{{ include('buttons.edit.html.twig') }}
-											</td>
+											</form>
-										</tr>
+										</td>
-									</form>
+									</tr>
 								</table>
 							</td>
 						</tr>
@ -398,8 +406,9 @@
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0" >
 							<tr>
-								<td style="border:0px;">
+								<td style="border:0;">
 									<form action="{{ getLink('account/characters/create') }}" method="post" >
 										{{ csrf() }}
 										{{ include('buttons.create_character.html.twig') }}
 									</form>
 								</td>
@ -410,8 +419,9 @@
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0" >
 							<tr>
-								<td style="border:0px;">
+								<td style="border:0;">
 									<form action="{{ getLink('account/characters/change-name') }}" method="post" >
 										{{ csrf() }}
 										{{ include('buttons.change_name.html.twig') }}
 									</form>
 								</td>
@ -423,8 +433,9 @@
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0" >
 							<tr>
-								<td style="border:0px;">
+								<td style="border:0;">
 									<form action="{{ getLink('account/characters/change-sex') }}" method="post">
 										{{ csrf() }}
 										{{ include('buttons.change_sex.html.twig') }}
 									</form>
 								</td>
@ -436,8 +447,9 @@
 					<td>
 						<table border="0" cellspacing="0" cellpadding="0">
 							<tr>
-								<td style="border: 0px;">
+								<td style="border: 0;">
 									<form action="{{ getLink('account/characters/delete') }}" method="post">
 										{{ csrf() }}
 										{{ include('buttons.delete_character.html.twig') }}
 									</form>
 								</td>