From 12ba9472f717849de39ad2648d2613f23a048077 Mon Sep 17 00:00:00 2001 From: pdontthink Date: Sun, 11 Sep 2011 01:11:03 +0000 Subject: [PATCH] Fixed broken highlighting form (missing security tokens) (#3381117) git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@14144 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- src/options_highlight.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/options_highlight.php b/src/options_highlight.php index 13a6d991..4362d4e4 100644 --- a/src/options_highlight.php +++ b/src/options_highlight.php @@ -32,7 +32,7 @@ sqGetGlobalVar('newcolor_input', $newcolor_input); sqGetGlobalVar('color_type', $color_type); sqGetGlobalVar('match_type', $match_type); sqGetGlobalVar('value', $value); -sqgetGlobalVar('smtoken', $submitted_token, SQ_POST, ''); +sqgetGlobalVar('smtoken', $submitted_token, SQ_FORM, ''); /* end of get globals */ @@ -151,11 +151,13 @@ foreach($message_highlight_list as $index=>$rule) { $oTemplate->assign('current_rules', $rules); +$token = sm_generate_security_token(); + $oTemplate->assign('add_rule', 'options_highlight.php?action=add'); $oTemplate->assign('edit_rule', 'options_highlight.php?action=edit&theid='); -$oTemplate->assign('delete_rule', 'options_highlight.php?action=delete&theid='); -$oTemplate->assign('move_up', 'options_highlight.php?action=up&theid='); -$oTemplate->assign('move_down', 'options_highlight.php?action=down&theid='); +$oTemplate->assign('delete_rule', 'options_highlight.php?action=delete&smtoken=' . $token . '&theid='); +$oTemplate->assign('move_up', 'options_highlight.php?action=up&smtoken=' . $token . '&theid='); +$oTemplate->assign('move_down', 'options_highlight.php?action=down&smtoken=' . $token . '&theid='); $oTemplate->display('options_highlight_list.tpl'); -- 2.25.1