diff options
author | Andrew Dolgov <[email protected]> | 2020-09-16 06:43:55 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2020-09-16 06:43:55 +0300 |
commit | 33fdde249e8a40968bba42590e8ed17145ff9e30 (patch) | |
tree | 5ee6004e1ad1dbec67de5f8b168111e4fbe8d2a6 /classes/pref | |
parent | f693ebab21cc60f0290bea201c0dd05cd019669e (diff) |
pass CSRF token to opml import and feed icon replace dialogs
Diffstat (limited to 'classes/pref')
-rwxr-xr-x | classes/pref/feeds.php | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/classes/pref/feeds.php b/classes/pref/feeds.php index 8cdb1577c..a6a543b76 100755 --- a/classes/pref/feeds.php +++ b/classes/pref/feeds.php @@ -772,6 +772,7 @@ class Pref_Feeds extends Handler_Protected { <input style='display: none' id='icon_file' size='10' name='icon_file' type='file'> </label> <input type='hidden' name='op' value='pref-feeds'> + <input type='hidden' name='csrf_token' value='".$_SESSION['csrf_token']."'> <input type='hidden' name='feed_id' value='$feed_id'> <input type='hidden' name='method' value='uploadicon'> <button dojoType='dijit.form.Button' onclick=\"return CommonDialogs.uploadFeedIcon();\" @@ -1325,6 +1326,7 @@ class Pref_Feeds extends Handler_Protected { <input style='display : none' id='opml_file' name='opml_file' type='file'> </label> <input type='hidden' name='op' value='dlg'> + <input type='hidden' name='csrf_token' value='".$_SESSION['csrf_token']."'> <input type='hidden' name='method' value='importOpml'> <button dojoType='dijit.form.Button' class='alt-primary' onclick=\"return Helpers.OPML.import();\" type=\"submit\">" . __('Import OPML') . "</button>"; |