projects / squirrelmail.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Implemented security token system. (Secunia Advisory SA34627)
[squirrelmail.git] / templates / default / read_menubar_buttons.tpl
diff --git a/templates/default/read_menubar_buttons.tpl b/templates/default/read_menubar_buttons.tpl
index 83791cb0a86065cdf6a8f615fcc8f0c3b3a265af..092f07020bcb0d603102ad7927af4299d8e858a7 100644 (file)
--- a/templates/default/read_menubar_buttons.tpl
+++ b/templates/default/read_menubar_buttons.tpl
@@ -123,6 +123,7 @@ if ($nav_on_top) {
     if ($can_be_deleted) {
         ?>
     <form name="deleteMessageForm" action="<?php echo $move_delete_form_action; ?>" method="post">
+     <input type="hidden" name="smtoken" value="<?php echo sm_generate_security_token(); ?>" />
      <?php echo $delete_form_extra; ?>
      <small>
      <input type="submit" name="delete" <?php if ($accesskey_read_msg_delete != 'NONE') echo 'accesskey="' . $accesskey_read_msg_delete . '" '; ?>value="<?php echo _("Delete"); ?>" />
@@ -139,6 +140,7 @@ if ($nav_on_top) {
     if ($can_be_moved) {
         ?>
     <form name="moveMessageForm" action="<?php echo $move_delete_form_action; ?>" method="post">
+     <input type="hidden" name="smtoken" value="<?php echo sm_generate_security_token(); ?>" />
      <?php echo $move_form_extra; ?>
      <small>
      <?php echo _("Move To"); ?>:
Unnamed repository; edit this file 'description' to name the repository.