AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add missing CSRF checks

Browse Source
This commit is contained in:
Frédéric Guillot
2021-06-05 14:33:19 -07:00
committed by fguillot
parent 41102ec161
commit 71123b0f37
23 changed files with 58 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Template/task_comments/show.php
View File

@@ -4,7 +4,7 @@
<?php if (!isset($is_public) || !$is_public): ?>
<div class="comment-sorting">
<small>
<?= $this->url->icon('sort', t('Change sorting'), 'CommentController', 'toggleSorting', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?>
<?= $this->url->icon('sort', t('Change sorting'), 'CommentController', 'toggleSorting', array('task_id' => $task['id'], 'project_id' => $task['project_id'], 'csrf_token' => $this->app->getToken()->getReusableCSRFToken())) ?>
<?php if ($editable): ?>
<?= $this->modal->medium('paper-plane', t('Send by email'), 'CommentMailController', 'create', array('task_id' => $task['id'], 'project_id' => $task['project_id'])) ?>
<?php endif ?>