aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/acp/acp_language.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/acp/acp_language.php')
-rw-r--r--phpBB/includes/acp/acp_language.php7
1 files changed, 6 insertions, 1 deletions
diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php
index 3888a411f0..bddc2be9cb 100644
--- a/phpBB/includes/acp/acp_language.php
+++ b/phpBB/includes/acp/acp_language.php
@@ -244,6 +244,11 @@ class acp_language
break;
case 'install':
+ if (!check_link_hash($request->variable('hash', ''), 'acp_language'))
+ {
+ trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+
$lang_iso = request_var('iso', '');
$lang_iso = basename($lang_iso);
@@ -423,7 +428,7 @@ class acp_language
'ISO' => htmlspecialchars($lang_ary['iso']),
'LOCAL_NAME' => htmlspecialchars($lang_ary['local_name'], ENT_COMPAT, 'UTF-8'),
'NAME' => htmlspecialchars($lang_ary['name'], ENT_COMPAT, 'UTF-8'),
- 'U_INSTALL' => $this->u_action . '&action=install&iso=' . urlencode($lang_ary['iso']))
+ 'U_INSTALL' => $this->u_action . '&action=install&iso=' . urlencode($lang_ary['iso']) . '&hash=' . generate_link_hash('acp_language'))
);
}
}
generated by cgit v1.2.1 (git 2.21.0) at 2025-07-30 16:12:11 +0000