MDL-20901 fixed input validation

mod/glossary/import.html

@@ -46,6 +46,7 @@
 </table>
 <div>
 <input type="hidden" name="id" value="<?php p($id) ?>" />
+<input type="hidden" name="sesskey" value="<?php echo sesskey() ?>" />
 <input type="hidden" name="step" value="1" />
 </div>
 </form>

mod/glossary/import.php

@@ -82,6 +82,7 @@ if ( !$step ) {
     exit;
 }
 
+require_sesskey();
 $form = data_submitted();
 $file = $_FILES["file"];
 

mod/glossary/rate.php

@@ -46,7 +46,7 @@
         $returnurl = $CFG->wwwroot.'/mod/glossary/view.php?id='.$cm->id;
     }
 
-    if ($data = data_submitted()) {    // form submitted
+    if ($data = data_submitted() and confirm_sesskey()) {    // form submitted
 
     /// Calculate scale values
         $scale_values = make_grades_menu($glossary->scale);

mod/glossary/view.php

@@ -417,6 +417,7 @@ if ($allentries) {
         echo "<form method=\"post\" action=\"rate.php\">";
         echo "<div>";
         echo "<input type=\"hidden\" name=\"glossaryid\" value=\"$glossary->id\" />";
+        echo "<input type=\"hidden\" name=\"sesskey\" value=\"".sesskey()."\" />";
     }
 
     foreach ($allentries as $entry) {