Mibew/tray
1
0
Fork 0
mirror of https://github.com/Mibew/tray.git synced 2025-01-22 18:10:34 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

add csrf token to performance and features views

Browse Source
This commit is contained in:
YuFei Zhu 2012-05-01 13:20:03 +01:00 committed by Dmitriy Simushev
parent 69463ded6b
commit da790fc8d2
4 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/messenger/webim/operator/features.php
View File

@ -23,6 +23,8 @@ require_once('../libs/common.php');
require_once('../libs/operator.php'); require_once('../libs/operator.php');
require_once('../libs/settings.php'); require_once('../libs/settings.php');
csrfchecktoken();
$operator = check_login(); $operator = check_login();
$page = array('agentId' => ''); $page = array('agentId' => '');

4
src/messenger/webim/operator/performance.php
View File

@ -23,6 +23,8 @@ require_once('../libs/common.php');
require_once('../libs/operator.php'); require_once('../libs/operator.php');
require_once('../libs/settings.php'); require_once('../libs/settings.php');
csrfchecktoken();
$operator = check_login(); $operator = check_login();
$page = array('agentId' => ''); $page = array('agentId' => '');
@ -129,4 +131,4 @@ prepare_menu($operator);
setup_settings_tabs(2); setup_settings_tabs(2);
start_html_output(); start_html_output();
require('../view/performance.php'); require('../view/performance.php');
?> ?>

6
src/messenger/webim/view/features.php
View File

@ -85,6 +85,10 @@ require_once('inc_errors.php');
<?php } ?> <?php } ?>
<form name="features" method="post" action="<?php echo $webimroot ?>/operator/features.php"> <form name="features" method="post" action="<?php echo $webimroot ?>/operator/features.php">
<!-- add auth token -->
<?php print_csrf_token_input() ?>
<input type="hidden" name="sent" value="true"/> <input type="hidden" name="sent" value="true"/>
<div> <div>
<?php print_tabbar(); ?> <?php print_tabbar(); ?>
@ -241,4 +245,4 @@ require_once('inc_errors.php');
} /* content */ } /* content */
require_once('inc_main.php'); require_once('inc_main.php');
?> ?>

5
src/messenger/webim/view/performance.php
View File

@ -40,6 +40,9 @@ require_once('inc_errors.php');
<form name="performance" method="post" action="<?php echo $webimroot ?>/operator/performance.php"> <form name="performance" method="post" action="<?php echo $webimroot ?>/operator/performance.php">
<!-- add auth token -->
<?php print_csrf_token_input() ?>
<div> <div>
<?php print_tabbar(); ?> <?php print_tabbar(); ?>
<div class="mform"><div class="formtop"><div class="formtopi"></div></div><div class="forminner"> <div class="mform"><div class="formtop"><div class="formtopi"></div></div><div class="forminner">
@ -156,4 +159,4 @@ require_once('inc_errors.php');
} /* content */ } /* content */
require_once('inc_main.php'); require_once('inc_main.php');
?> ?>