rooty/OwncloudContactsOfficial
1
0
Fork 0
mirror of https://github.com/owncloudarchive/contacts.git synced 2025-01-30 19:52:17 +01:00
Code Issues Releases Activity

Use the right csrf token.

Browse Source
This commit is contained in:
Thomas Tanghus 2012-06-14 12:48:09 +02:00
parent 6898f4256a
commit 24d8c297db
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
templates/part.cropphoto.php
View File

@ -1,7 +1,7 @@
<?php
$id = $_['id'];
$tmpkey = $_['tmpkey'];
$csrf_token = $_GET['csrf_token'];
$requesttoken = $_['requesttoken'];
OCP\Util::writeLog('contacts','templates/part.cropphoto.php: tmpkey: '.$tmpkey, OCP\Util::DEBUG);
?>
<script language="Javascript">
@ -49,7 +49,7 @@ OCP\Util::writeLog('contacts','templates/part.cropphoto.php: tmpkey: '.$tmpkey,
action="<?php echo OCP\Util::linkToAbsolute('contacts', 'ajax/savecrop.php'); ?>">
<input type="hidden" id="id" name="id" value="<?php echo $id; ?>" />
<input type="hidden" name="requesttoken" value="<?php echo $csrf_token; ?>">
<input type="hidden" name="requesttoken" value="<?php echo $requesttoken; ?>">
<input type="hidden" id="tmpkey" name="tmpkey" value="<?php echo $tmpkey; ?>" />
<fieldset id="coords">
<input type="hidden" id="x1" name="x1" value="" />