aboutsummaryrefslogtreecommitdiffstats
path: root/extensions/Voting
diff options
context:
space:
mode:
Diffstat (limited to 'extensions/Voting')
-rw-r--r--extensions/Voting/Extension.pm4
-rw-r--r--extensions/Voting/template/en/default/pages/voting/user.html.tmpl1
-rw-r--r--extensions/Voting/template/en/default/voting/delete-all.html.tmpl1
3 files changed, 6 insertions, 0 deletions
diff --git a/extensions/Voting/Extension.pm b/extensions/Voting/Extension.pm
index d94ff8430..8417e0ec3 100644
--- a/extensions/Voting/Extension.pm
+++ b/extensions/Voting/Extension.pm
@@ -36,6 +36,7 @@ use Bugzilla::Field;
use Bugzilla::Mailer;
use Bugzilla::User;
use Bugzilla::Util qw(detaint_natural);
+use Bugzilla::Token;
use List::Util qw(min);
@@ -529,6 +530,9 @@ sub _update_votes {
|| ThrowUserError("voting_must_be_nonnegative");
}
+ my $token = $cgi->param('token');
+ check_hash_token($token, ['vote']);
+
############################################################################
# End Data/Security Validation
############################################################################
diff --git a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl
index f2ac160f8..dbceaf217 100644
--- a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl
+++ b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl
@@ -74,6 +74,7 @@
[% IF products.size %]
<form name="voting_form" method="post" action="page.cgi?id=voting/user.html">
<input type="hidden" name="action" value="vote">
+ <input type="hidden" name="token" value="[% issue_hash_token(['vote']) FILTER html %]">
<table cellspacing="4">
<tr>
<td></td>
diff --git a/extensions/Voting/template/en/default/voting/delete-all.html.tmpl b/extensions/Voting/template/en/default/voting/delete-all.html.tmpl
index 82ddc3596..f0d3b7e13 100644
--- a/extensions/Voting/template/en/default/voting/delete-all.html.tmpl
+++ b/extensions/Voting/template/en/default/voting/delete-all.html.tmpl
@@ -35,6 +35,7 @@
<form action="page.cgi?id=voting/user.html" method="post">
<input type="hidden" name="action" value="vote">
+ <input type="hidden" name="token" value="[% issue_hash_token(['vote']) FILTER html %]">
<p>
<input type="radio" name="delete_all_votes" value="1">
Yes, delete all my votes