diff options
Diffstat (limited to 'phpBB/includes/acp/acp_disallow.php')
-rw-r--r-- | phpBB/includes/acp/acp_disallow.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/phpBB/includes/acp/acp_disallow.php b/phpBB/includes/acp/acp_disallow.php index 4be61ad778..0423c4cc38 100644 --- a/phpBB/includes/acp/acp_disallow.php +++ b/phpBB/includes/acp/acp_disallow.php @@ -28,9 +28,17 @@ class acp_disallow $this->tpl_name = 'acp_disallow'; $this->page_title = 'ACP_DISALLOW_USERNAMES'; + $form_key = 'acp_disallow'; + add_form_key($form_key); + $disallow = (isset($_POST['disallow'])) ? true : false; $allow = (isset($_POST['allow'])) ? true : false; + if (($allow || $disallow) && !check_form_key($form_key)) + { + trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + if ($disallow) { $disallowed_user = str_replace('*', '%', utf8_normalize_nfc(request_var('disallowed_user', '', true))); |