aboutsummaryrefslogtreecommitdiffstats
path: root/view/profile_edit.tpl
diff options
context:
space:
mode:
authorTobias Hößl <tobias@hoessl.eu>2012-03-12 20:17:37 +0000
committerTobias Hößl <tobias@hoessl.eu>2012-03-12 20:17:37 +0000
commit59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445 (patch)
treefea25d24a1559d6ce6681a6325b9e392ccace7a2 /view/profile_edit.tpl
parent9574f7df03407013fed4feb3922e19b7a94e34be (diff)
downloadvolse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.tar.gz
volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.tar.bz2
volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.zip
Some security against XSRF-attacks
Diffstat (limited to 'view/profile_edit.tpl')
-rwxr-xr-xview/profile_edit.tpl5
1 files changed, 3 insertions, 2 deletions
diff --git a/view/profile_edit.tpl b/view/profile_edit.tpl
index 8dab72649..e5c7162d0 100755
--- a/view/profile_edit.tpl
+++ b/view/profile_edit.tpl
@@ -5,9 +5,9 @@ $default
<div id="profile-edit-links">
<ul>
<li><a href="profile/$profile_id/view?tab=profile" id="profile-edit-view-link" title="$viewprof">$viewprof</a></li>
-<li><a href="profiles/clone/$profile_id" id="profile-edit-clone-link" title="$cr_prof">$cl_prof</a></li>
+<li><a href="$profile_clone_link" id="profile-edit-clone-link" title="$cr_prof">$cl_prof</a></li>
<li></li>
-<li><a href="profiles/drop/$profile_id" id="profile-edit-drop-link" title="$del_prof" $disabled >$del_prof</a></li>
+<li><a href="$profile_drop_link" id="profile-edit-drop-link" title="$del_prof" $disabled >$del_prof</a></li>
</ul>
</div>
@@ -17,6 +17,7 @@ $default
<div id="profile-edit-wrapper" >
<form id="profile-edit-form" name="form1" action="profiles/$profile_id" method="post" >
+<input type='hidden' name='form_security_token' value='$form_security_token'>
<div id="profile-edit-profile-name-wrapper" >
<label id="profile-edit-profile-name-label" for="profile-edit-profile-name" >$lbl_profname </label>