Some security against XSRF-attacks

author: Tobias Hößl <tobias@hoessl.eu> 2012-03-12 20:17:37 +0000
committer: Tobias Hößl <tobias@hoessl.eu> 2012-03-12 20:17:37 +0000
commit: 59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445 (patch)
tree: fea25d24a1559d6ce6681a6325b9e392ccace7a2 /view/profile_photo.tpl
parent: 9574f7df03407013fed4feb3922e19b7a94e34be (diff)
download: volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.tar.gz
volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.tar.bz2
volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/view/profile_photo.tpl b/view/profile_photo.tpl
index f258b5b86..0b3a1cac1 100755
--- a/view/profile_photo.tpl
+++ b/view/profile_photo.tpl
@@ -1,6 +1,7 @@
 <h1>$title</h1>
 
 <form enctype="multipart/form-data" action="profile_photo" method="post">
+<input type='hidden' name='form_security_token' value='$form_security_token'>
 
 <div id="profile-photo-upload-wrapper">
 <label id="profile-photo-upload-label" for="profile-photo-upload">$lbl_upfile </label>
author	Tobias Hößl <tobias@hoessl.eu>	2012-03-12 20:17:37 +0000
committer	Tobias Hößl <tobias@hoessl.eu>	2012-03-12 20:17:37 +0000
commit	59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445 (patch)
tree	fea25d24a1559d6ce6681a6325b9e392ccace7a2 /view/profile_photo.tpl
parent	9574f7df03407013fed4feb3922e19b7a94e34be (diff)
download	volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.tar.gz volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.tar.bz2 volse-hubzilla-59766b944c9ea3a45b1d7e8593f7bb5d4a0b8445.zip