diff options
| author | Tobias Hößl <tobias@hoessl.eu> | 2012-03-12 20:17:37 +0000 |
|---|---|---|
| committer | Tobias Hößl <tobias@hoessl.eu> | 2012-03-12 20:17:37 +0000 |
| commit | 59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445 (patch) | |
| tree | fea25d24a1559d6ce6681a6325b9e392ccace7a2 /view/cropbody.tpl | |
| parent | 9574f7df03407013fed4feb3922e19b7a94e34be (diff) | |
| download | volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.tar.gz volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.tar.bz2 volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.zip | |
Some security against XSRF-attacks
Diffstat (limited to 'view/cropbody.tpl')
| -rwxr-xr-x | view/cropbody.tpl | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/view/cropbody.tpl b/view/cropbody.tpl index c9c0f84de..b484d15bf 100755 --- a/view/cropbody.tpl +++ b/view/cropbody.tpl @@ -40,6 +40,7 @@ $desc </script> <form action="profile_photo/$resource" id="crop-image-form" method="post" /> +<input type='hidden' name='form_security_token' value='$form_security_token'> <input type="hidden" name="cropfinal" value="1" /> <input type="hidden" name="xstart" id="x1" /> |