diff options
| author |   Marc Alexander <admin@m-a-styles.de> | 2019-05-02 19:39:11 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2019-05-02 19:39:11 +0200 |
| commit | 21b52567408341fcb69baae66c051f4d0a0e256b (patch) | |
| tree | 79e702b81d6584395b4c3384e4508b312f30e106 | |
| parent | Merge pull request #5579 from VSEphpbb/ticket/16037 (diff) | |
| parent | [ticket/16036] Add S_FORM_TOKEN_LOGIN to all login forms (diff) | |
| download | phpbb-21b52567408341fcb69baae66c051f4d0a0e256b.tar.gz phpbb-21b52567408341fcb69baae66c051f4d0a0e256b.tar.bz2 phpbb-21b52567408341fcb69baae66c051f4d0a0e256b.zip | |
Merge pull request #5578 from rubencm/ticket/16036
[ticket/16036] Add S_FORM_TOKEN_LOGIN to all login forms
| -rw-r--r-- | phpBB/includes/functions.php | 3 | ||||
| -rw-r--r-- | phpBB/styles/prosilver/template/login_forum.html | 1 | ||||
| -rw-r--r-- | phpBB/styles/prosilver/template/viewforum_body.html | 1 | ||||
| -rw-r--r-- | phpBB/viewforum.php | 3 |
4 files changed, 8 insertions, 0 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 1d1c9f6f4f..9032b79cbf 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2664,6 +2664,9 @@ function login_forum_box($forum_data) page_header($user->lang['LOGIN']); + // Add form token for login box + add_form_key('login', '_LOGIN'); + $template->assign_vars(array( 'FORUM_NAME' => isset($forum_data['forum_name']) ? $forum_data['forum_name'] : '', 'S_LOGIN_ACTION' => build_url(array('f')), diff --git a/phpBB/styles/prosilver/template/login_forum.html b/phpBB/styles/prosilver/template/login_forum.html index 7fa9736a96..c5c36d4564 100644 --- a/phpBB/styles/prosilver/template/login_forum.html +++ b/phpBB/styles/prosilver/template/login_forum.html @@ -25,6 +25,7 @@ <dd><input type="password" tabindex="1" id="password" name="password" size="25" class="inputbox narrow" autocomplete="off" /></dd> </dl> {S_LOGIN_REDIRECT} + {S_FORM_TOKEN_LOGIN} <dl> <dt> </dt> <dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" id="login" class="button1" value="{L_LOGIN}" tabindex="2" /></dd> diff --git a/phpBB/styles/prosilver/template/viewforum_body.html b/phpBB/styles/prosilver/template/viewforum_body.html index 045f801ce5..d7099f387f 100644 --- a/phpBB/styles/prosilver/template/viewforum_body.html +++ b/phpBB/styles/prosilver/template/viewforum_body.html @@ -114,6 +114,7 @@ <dd><input type="submit" name="login" tabindex="5" value="{L_LOGIN}" class="button1" /></dd> </dl> {S_LOGIN_REDIRECT} + {S_FORM_TOKEN_LOGIN} </fieldset> </div> diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 72c96e2d2d..5525a0d462 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -198,6 +198,9 @@ if (!($forum_data['forum_type'] == FORUM_POST || (($forum_data['forum_flags'] & // We also make this circumstance available to the template in case we want to display a notice. ;) if (!$auth->acl_gets('f_read', 'f_list_topics', $forum_id)) { + // Add form token for login box + add_form_key('login', '_LOGIN'); + $template->assign_vars(array( 'S_NO_READ_ACCESS' => true, )); |