diff options
author | Andrew Dolgov <[email protected]> | 2011-12-26 12:02:52 +0400 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2011-12-26 12:02:52 +0400 |
commit | 8484ce22584b8714622833adcc7ebfe3ef9cf90e (patch) | |
tree | 057d7a64c3af60e2389d519ba19e476b5fbe6212 /classes/pref_prefs.php | |
parent | 036cd3a4106cf2eee0be72f0695458dfb517976b (diff) |
experimental CSRF protection
Diffstat (limited to 'classes/pref_prefs.php')
-rw-r--r-- | classes/pref_prefs.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/classes/pref_prefs.php b/classes/pref_prefs.php index 5a216d2b1..03e39caa5 100644 --- a/classes/pref_prefs.php +++ b/classes/pref_prefs.php @@ -1,6 +1,12 @@ <?php class Pref_Prefs extends Protected_Handler { + function csrf_ignore($method) { + $csrf_ignored = array("index"); + + return array_search($method, $csrf_ignored) !== false; + } + function changepassword() { $old_pw = $_POST["old_password"]; |