From 453b5b46a370e3f01f2c948ac3eddf0bcd82c741 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20H=C3=B6=C3=9Fl?= <tobias@hoessl.eu>
Date: Sun, 18 Mar 2012 15:44:33 +0000
Subject: CSRF-Protection in the group-related form (creating, renaming and
 dropping a group, adding/removing members from it)

---
 view/group_drop.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'view/group_drop.tpl')

diff --git a/view/group_drop.tpl b/view/group_drop.tpl
index cbae1610f..2cbebbb8e 100755
--- a/view/group_drop.tpl
+++ b/view/group_drop.tpl
@@ -1,5 +1,5 @@
 <div class="group-delete-wrapper button" id="group-delete-wrapper-$id" >
-	<a href="group/drop/$id" 
+	<a href="group/drop/$id?t=$form_security_token" 
 		onclick="return confirmDelete();" 
 		id="group-delete-icon-$id" 
 		class="icon drophide group-delete-icon" 
-- 
cgit v1.2.3