From 4defd8a8306fa8daa25427a37fb6db00bff390c7 Mon Sep 17 00:00:00 2001
From: Henry Sudhof <kellanved@phpbb.com>
Date: Wed, 3 Oct 2007 15:05:54 +0000
Subject: Ok, here comes a big one. Poor updater. Also requires testing.

#i91
#i92
#i93
#i94
#i95
#i96


git-svn-id: file:///svn/phpbb/trunk@8120 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/includes/ucp/ucp_pm_compose.php | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'phpBB/includes/ucp/ucp_pm_compose.php')

diff --git a/phpBB/includes/ucp/ucp_pm_compose.php b/phpBB/includes/ucp/ucp_pm_compose.php
index ae2e367795..a22fc57761 100644
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@@ -25,6 +25,7 @@ function compose_pm($id, $mode, $action)
 	{
 		$action = 'post';
 	}
+	add_form_key('ucp_pm_compose');
 
 	// Grab only parameters needed here
 	$to_user_id		= request_var('u', 0);
@@ -532,6 +533,10 @@ function compose_pm($id, $mode, $action)
 
 	if ($submit || $preview || $refresh)
 	{
+		if (!check_form_key('ucp_pm_compose'))
+		{
+			$error[] = $user->lang['FORM_INVALID'];
+		}
 		$subject = utf8_normalize_nfc(request_var('subject', '', true));
 		$message_parser->message = utf8_normalize_nfc(request_var('message', '', true));
 
-- 
cgit v1.2.1