Add security tokens to change password plugin

[squirrelmail.git] / plugins / change_password / functions.php

diff --git a/plugins/change_password/functions.php b/plugins/change_password/functions.php
index f4de30cd806ba27dd08578a96f99b0304ff48579..1e511274c4f710fce3621f395350c55c6ef150bd 100644 (file)
--- a/plugins/change_password/functions.php
+++ b/plugins/change_password/functions.php
@@ -105,7 +105,7 @@ function cpw_do_change()
 
     /* make sure we write the session data before we redirect */
     session_write_close();
-    header('Location: '.SM_PATH. 'src/options.php?optmode=submit&optpage=change_password&plugin_change_password=1');
+    header('Location: '.SM_PATH. 'src/options.php?optmode=submit&optpage=change_password&plugin_change_password=1&smtoken=' . sm_generate_security_token());
     exit;
 }