
Add CSRF field variable to all forms

master
Anonymous Contributor 2023-08-23 18:16:34 +02:00
parent 3e8d0d3778
commit 20ae77b90b
8 changed files with 10 additions and 1 deletions


@ -30,6 +30,7 @@
<div class="row" style="margin-top: 15px;"> <div class="row" style="margin-top: 15px;">
<div class="col"> <div class="col">
%&CSRF%&
<button type="submit" name="createIdent" class="btn btn-primary btn-lg">Erstelle Identität</button> <button type="submit" name="createIdent" class="btn btn-primary btn-lg">Erstelle Identität</button>
</div> </div>
</div> </div>
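Review bot: The placeholder added before the `createIdent` button is spelled `%&CSRF%&`, while every other form touched by this commit uses `%%CSRF%%`. Assuming the renderer substitutes only the `%%…%%` form (the substitution code is not shown here), this form would be submitted without a token and the literal text would appear on the page. The line should read `%%CSRF%%`. The enclosing form starts outside the hunk.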


@ -16,6 +16,7 @@
<div class="row" style="margin-top: 15px;"> <div class="row" style="margin-top: 15px;">
<div class="col"> <div class="col">
%%CSRF%%
<button type="submit" name="generateLink" class="btn btn-primary btn-lg">Link Generieren</button> <button type="submit" name="generateLink" class="btn btn-primary btn-lg">Link Generieren</button>
</div> </div>
</div> </div>


@ -35,6 +35,7 @@
<div class="row" style="margin-top: 15px;"> <div class="row" style="margin-top: 15px;">
<div class="col"> <div class="col">
%%CSRF%%
<button type="submit" name="savePassword" class="btn btn-primary btn-lg">Speichern</button> <button type="submit" name="savePassword" class="btn btn-primary btn-lg">Speichern</button>
</div> </div>
</div> </div>


@ -50,6 +50,7 @@
<div class="row" style="margin-top: 15px;"> <div class="row" style="margin-top: 15px;">
<div class="col"> <div class="col">
%%CSRF%%
<button type="submit" name="saveProfileData" class="btn btn-primary btn-lg">Speichern</button> <button type="submit" name="saveProfileData" class="btn btn-primary btn-lg">Speichern</button>
</div> </div>
</div> </div>
@ -84,6 +85,7 @@
<div class="row" style="margin-top: 15px;"> <div class="row" style="margin-top: 15px;">
<div class="col"> <div class="col">
%%CSRF%%
<center><button type="submit" name="savePassword" class="btn btn-primary btn-lg">Speichern</button></center> <center><button type="submit" name="savePassword" class="btn btn-primary btn-lg">Speichern</button></center>
</div> </div>
</div> </div>
@ -103,6 +105,7 @@
<form action="index.php?page=profile" method="post"> <form action="index.php?page=profile" method="post">
<div class="row" style="margin-top: 15px;"> <div class="row" style="margin-top: 15px;">
<div class="col"> <div class="col">
%%CSRF%%
<center><button type="submit" name="createIAR" class="btn btn-primary btn-lg" %%IARBUTTONSTATE%%>IAR erstellen</button></center> <center><button type="submit" name="createIAR" class="btn btn-primary btn-lg" %%IARBUTTONSTATE%%>IAR erstellen</button></center>
</div> </div>
</div> </div>
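Review bot: The `%%CSRF%%` fields added to the `saveProfileData`, `savePassword` and `createIAR` forms only protect these actions if the profile page's POST handlers reject a missing or wrong token, and no such check is part of this commit; every visible addition is a template placeholder. Presumably the verification lives in code outside this diff. It is worth confirming that it runs before any of these actions is carried out and that it compares the token with `hash_equals()` rather than `==`. Only the `createIAR` form tag is visible; the other two forms start outside their hunks.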


@ -23,6 +23,7 @@
<div class="row" style="margin-top: 15px;"> <div class="row" style="margin-top: 15px;">
<div class="col"> <div class="col">
%%CSRF%%
<button type="submit" name="generateLink" class="btn btn-primary btn-lg">Link Generieren</button> <button type="submit" name="generateLink" class="btn btn-primary btn-lg">Link Generieren</button>
</div> </div>
</div> </div>


@ -105,7 +105,7 @@
{ {
$entry = '<tr><td>'.htmlspecialchars(trim($RUNTIME['OPENSIM']->getUserName($row['IdentityID']))).' <span class="badge badge-info">Aktiv</span></td><td>-</td></tr>'; $entry = '<tr><td>'.htmlspecialchars(trim($RUNTIME['OPENSIM']->getUserName($row['IdentityID']))).' <span class="badge badge-info">Aktiv</span></td><td>-</td></tr>';
}else{ }else{
$entry = '<tr><td>'.htmlspecialchars(trim($RUNTIME['OPENSIM']->getUserName($row['IdentityID']))).'</td><td><form action="index.php?page=identities" method="post"><input type="hidden" name="newuuid" value="'.htmlspecialchars($row['IdentityID']).'"><button type="submit" name="enableIdent" class="btn btn-success btn-sm">Aktievieren</button></form></td></tr>'; $entry = '<tr><td>'.htmlspecialchars(trim($RUNTIME['OPENSIM']->getUserName($row['IdentityID']))).'</td><td><form action="index.php?page=identities" method="post">%%CSRF%%<input type="hidden" name="newuuid" value="'.htmlspecialchars($row['IdentityID']).'"><button type="submit" name="enableIdent" class="btn btn-success btn-sm">Aktievieren</button></form></td></tr>';
} }
$table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table); $table = str_replace("%%ENTRY%%", $entry."%%ENTRY%%", $table);
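Review bot: The `%%CSRF%%` placeholder for the `enableIdent` form sits inside a PHP string literal rather than a template file, so it is only expanded if the CSRF substitution runs over the page after `$table` has been merged into it; that ordering is not visible in this hunk. If the substitution runs earlier, the form is posted without a token. Note also that `htmlspecialchars()` leaves `%` untouched, so a user name containing a `%%…%%` marker would be expanded by the same later pass; it may be worth neutralising the marker in data values. A comment above the assignment such as `// %%CSRF%% is filled in by the page-level template pass, which must run after this table is inserted` would document the dependency. The enclosing loop and function begin outside the hunk.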


@ -52,6 +52,7 @@
</div> </div>
<div class="container-login100-form-btn m-t-17"> <div class="container-login100-form-btn m-t-17">
%%CSRF%%
<button class="login100-form-btn" name="login"> <button class="login100-form-btn" name="login">
Anmelden Anmelden
</button> </button>


@ -62,6 +62,7 @@
</div> </div>
<div class="container-login100-form-btn m-t-17"> <div class="container-login100-form-btn m-t-17">
%%CSRF%%
<input type="hidden" name="code" value="%%INVCODE%%"> <input type="hidden" name="code" value="%%INVCODE%%">
<button class="login100-form-btn" name="doRegister"> <button class="login100-form-btn" name="doRegister">
Registrieren Registrieren