aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrubencm <rubencm@gmail.com>2019-04-29 15:44:31 +0000
committerrubencm <rubencm@gmail.com>2019-04-29 16:13:26 +0000
commit540a6b7d2e7bfb9f2c24636a37127b16bbf6bc46 (patch)
tree352815f547e9e77fe780726b935fdbbb2c084028
parent055d7658db7817b80d00b27d6e99cad961d0ee15 (diff)
downloadforums-540a6b7d2e7bfb9f2c24636a37127b16bbf6bc46.tar
forums-540a6b7d2e7bfb9f2c24636a37127b16bbf6bc46.tar.gz
forums-540a6b7d2e7bfb9f2c24636a37127b16bbf6bc46.tar.bz2
forums-540a6b7d2e7bfb9f2c24636a37127b16bbf6bc46.tar.xz
forums-540a6b7d2e7bfb9f2c24636a37127b16bbf6bc46.zip
[ticket/16036] Add S_FORM_TOKEN_LOGIN to all login forms
PHPBB3-16036
Diffstat
-rw-r--r--phpBB/includes/functions.php3
-rw-r--r--phpBB/styles/prosilver/template/login_forum.html1
-rw-r--r--phpBB/styles/prosilver/template/viewforum_body.html1
-rw-r--r--phpBB/viewforum.php3
4 files changed, 8 insertions, 0 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 1d1c9f6f4f..9032b79cbf 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2664,6 +2664,9 @@ function login_forum_box($forum_data)
page_header($user->lang['LOGIN']);
+ // Add form token for login box
+ add_form_key('login', '_LOGIN');
+
$template->assign_vars(array(
'FORUM_NAME' => isset($forum_data['forum_name']) ? $forum_data['forum_name'] : '',
'S_LOGIN_ACTION' => build_url(array('f')),
diff --git a/phpBB/styles/prosilver/template/login_forum.html b/phpBB/styles/prosilver/template/login_forum.html
index 7fa9736a96..c5c36d4564 100644
--- a/phpBB/styles/prosilver/template/login_forum.html
+++ b/phpBB/styles/prosilver/template/login_forum.html
@@ -25,6 +25,7 @@
<dd><input type="password" tabindex="1" id="password" name="password" size="25" class="inputbox narrow" autocomplete="off" /></dd>
</dl>
{S_LOGIN_REDIRECT}
+ {S_FORM_TOKEN_LOGIN}
<dl>
<dt>&nbsp;</dt>
<dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" id="login" class="button1" value="{L_LOGIN}" tabindex="2" /></dd>
diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html
index 045f801ce5..d7099f387f 100644
--- a/phpBB/styles/prosilver/template/viewforum_body.html
+++ b/phpBB/styles/prosilver/template/viewforum_body.html
@@ -114,6 +114,7 @@
<dd><input type="submit" name="login" tabindex="5" value="{L_LOGIN}" class="button1" /></dd>
</dl>
{S_LOGIN_REDIRECT}
+ {S_FORM_TOKEN_LOGIN}
</fieldset>
</div>
diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php
index 72c96e2d2d..5525a0d462 100644
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@@ -198,6 +198,9 @@ if (!($forum_data['forum_type'] == FORUM_POST || (($forum_data['forum_flags'] &
// We also make this circumstance available to the template in case we want to display a notice. ;)
if (!$auth->acl_gets('f_read', 'f_list_topics', $forum_id))
{
+ // Add form token for login box
+ add_form_key('login', '_LOGIN');
+
$template->assign_vars(array(
'S_NO_READ_ACCESS' => true,
));
generated by cgit v1.2.1 (git 2.21.0) at 2024-06-26 00:54:30 +0000