aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/acp/acp_disallow.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/acp/acp_disallow.php')
-rw-r--r--phpBB/includes/acp/acp_disallow.php8
1 files changed, 8 insertions, 0 deletions
diff --git a/phpBB/includes/acp/acp_disallow.php b/phpBB/includes/acp/acp_disallow.php
index 4be61ad778..0423c4cc38 100644
--- a/phpBB/includes/acp/acp_disallow.php
+++ b/phpBB/includes/acp/acp_disallow.php
@@ -28,9 +28,17 @@ class acp_disallow
$this->tpl_name = 'acp_disallow';
$this->page_title = 'ACP_DISALLOW_USERNAMES';
+ $form_key = 'acp_disallow';
+ add_form_key($form_key);
+
$disallow = (isset($_POST['disallow'])) ? true : false;
$allow = (isset($_POST['allow'])) ? true : false;
+ if (($allow || $disallow) && !check_form_key($form_key))
+ {
+ trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+ }
+
if ($disallow)
{
$disallowed_user = str_replace('*', '%', utf8_normalize_nfc(request_var('disallowed_user', '', true)));
generated by cgit v1.2.1 (git 2.21.0) at 2024-09-21 22:59:30 +0000