Fix Missing CSRF in unused modals

admin/modals/contract_template/contract_template_add.php

@@ -30,6 +30,8 @@ ob_start();
 </ul>
 
 <form action="post.php" method="post" autocomplete="off">
+    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
+
     <div class="modal-body">
         <div class="tab-content" id="contractTemplateTabContent">
 

admin/modals/contract_template/contract_template_edit.php

@@ -52,6 +52,7 @@ ob_start();
 </ul>
 
 <form action="post.php" method="post" autocomplete="off">
+    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
     <input type="hidden" name="contract_template_id" value="<?php echo $contract_template_id; ?>">
 
     <div class="modal-body">

admin/modals/custom_field/custom_field_create.php

@@ -8,6 +8,7 @@
                 </button>
             </div>
             <form action="post.php" method="post" autocomplete="off">
+                <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
                 <input type="hidden" name="table" value="<?php echo nullable_htmlentities($table); ?>">
 
                 <div class="modal-body">

admin/modals/custom_field/custom_field_edit.php

@@ -8,6 +8,7 @@
                 </button>
             </div>
             <form action="post.php" method="post" autocomplete="off">
+                <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
                 <input type="hidden" name="custom_field_id" value="<?php echo $custom_field_id; ?>">
                 <div class="modal-body">
 

admin/modals/user/user_export.php

@@ -13,6 +13,7 @@ ob_start();
     </button>
 </div>
 <form action="post.php" method="post" autocomplete="off">
+    <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token'] ?>">
     <div class="modal-body">
 
     </div>