[geeklog-cvs] Geeklog-1.x/public_html/layout/professional/admin/group groupeditor.thtml, 1.7, 1.8 groupmembers.thtml, 1.14, 1.15

Dirk Haun dhaun at qs1489.pair.com
Sun May 18 07:37:22 EDT 2008 

Update of /cvsroot/geeklog/Geeklog-1.x/public_html/layout/professional/admin/group
In directory qs1489.pair.com:/tmp/cvs-serv15795/public_html/layout/professional/admin/group

Modified Files:
	groupeditor.thtml groupmembers.thtml 
Log Message:
More CSRF protection


Index: groupmembers.thtml
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/layout/professional/admin/group/groupmembers.thtml,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -d -r1.14 -r1.15
*** groupmembers.thtml	25 Nov 2007 06:59:21 -0000	1.14
--- groupmembers.thtml	18 May 2008 11:37:20 -0000	1.15
***************
*** 42,48 ****
                      <input type="button" value="{lang_cancel}" onclick="javascript:history.go(-1)"{xhtml}>  
                      <input type="submit" value="{lang_save}" onclick="return setUsers(this.form)"{xhtml}>
                  </td>
              </tr>
          </table>
      </form>
! </div>
\ No newline at end of file
--- 42,49 ----
                      <input type="button" value="{lang_cancel}" onclick="javascript:history.go(-1)"{xhtml}>  
                      <input type="submit" value="{lang_save}" onclick="return setUsers(this.form)"{xhtml}>
+                     <input type="hidden" name="{gltoken_name}" value="{gltoken}"{xhtml}>
                  </td>
              </tr>
          </table>
      </form>
! </div>

Index: groupeditor.thtml
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/public_html/layout/professional/admin/group/groupeditor.thtml,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** groupeditor.thtml	25 Nov 2007 06:59:21 -0000	1.7
--- groupeditor.thtml	18 May 2008 11:37:20 -0000	1.8
***************
*** 54,57 ****
--- 54,58 ----
                                              <input type="hidden" name="grp_id" value="{group_id}"{xhtml}>
                                              <input type="hidden" name="chk_showall" value="{show_all}"{xhtml}>
+                                             <input type="hidden" name="{gltoken_name}" value="{gltoken}"{xhtml}>
                                          </td>
                                      </tr>

More information about the geeklog-cvs mailing list