Ignore:
Timestamp:
Sep 13, 2010, 9:40:42 PM (14 years ago)
Author:
nikrou
Message:

Fix bug 1856 : CSRF issue that allow to change admin password

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/admin/profile.php

    r6363 r6897  
    2626$edit_user = build_user( $_GET['user_id'], false );
    2727
     28if (!empty($_POST))
     29{
     30  check_pwg_token();
     31}
     32
    2833include_once(PHPWG_ROOT_PATH.'profile.php');
    29 
    3034
    3135$errors = array();
Note: See TracChangeset for help on using the changeset viewer.