mirror/php-monstra
1
0
Fork 0
mirror of https://github.com/monstra-cms/monstra.git synced 2025-08-02 19:27:52 +02:00
Code Issues Releases Wiki Activity

Snippets Plugin: csrf vulnerability resolved

Browse Source
This commit is contained in:
Awilum
2012-10-03 14:48:27 +03:00
parent b78dfcb642
commit f6541b7858
2 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/box/snippets/views/backend/index.view.php Normal file → Executable file
View File

@@ -23,7 +23,7 @@
<td>
<?php echo Html::anchor(__('Edit', 'snippets'), 'index.php?id=snippets&action=edit_snippet&filename='.basename($snippet, '.snippet.php'), array('class' => 'btn btn-actions')); ?>
<?php echo Html::anchor(__('Delete', 'snippets'),
'index.php?id=snippets&action=delete_snippet&filename='.basename($snippet, '.snippet.php'),
'index.php?id=snippets&action=delete_snippet&filename='.basename($snippet, '.snippet.php').'&token='.Security::token(),
array('class' => 'btn btn-actions', 'onclick' => "return confirmDelete('".__('Delete snippet: :snippet', 'snippets', array(':snippet' => basename($snippet, '.snippet.php')))."')"));
?>
</td>