aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/acp/acp_permission_roles.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/acp/acp_permission_roles.php')
-rw-r--r--phpBB/includes/acp/acp_permission_roles.php8
1 files changed, 8 insertions, 0 deletions
diff --git a/phpBB/includes/acp/acp_permission_roles.php b/phpBB/includes/acp/acp_permission_roles.php
index 57fd4c1ea5..ea21f52da7 100644
--- a/phpBB/includes/acp/acp_permission_roles.php
+++ b/phpBB/includes/acp/acp_permission_roles.php
@@ -35,6 +35,9 @@ class acp_permission_roles
$action = request_var('action', '');
$action = (isset($_POST['add'])) ? 'add' : $action;
+ $form_name = 'acp_permissions';
+ add_form_key($form_name);
+
switch ($mode)
{
case 'admin_roles':
@@ -134,6 +137,11 @@ class acp_permission_roles
case 'add':
+ if(!check_form_key($form_name))
+ {
+ trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);
+ }
+
$role_name = utf8_normalize_nfc(request_var('role_name', '', true));
$role_description = utf8_normalize_nfc(request_var('role_description', '', true));
$auth_settings = request_var('setting', array('' => 0));
generated by cgit v1.2.1 (git 2.21.0) at 2025-11-03 18:19:57 +0000