tobias/friendica
1
0
Fork 0
Code Pull requests Activity

Use CSRF token as name and value for contact deletion confirm form

Browse source
This commit is contained in:
Hypolite Petovan 2021-09-14 17:28:42 -04:00
parent 06b8f93eae
commit 44ec4de14c
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/Module/Contact.php
View file

@ -432,7 +432,8 @@ class Contact extends BaseModule
'$message' => DI::l10n()->t('Do you really want to delete this contact?'),
'$confirm' => DI::l10n()->t('Yes'),
'$confirm_url' => DI::args()->getCommand(),
'$confirm_name' => 'confirmed',
'$confirm_name' => 't',
'$confirm_value' => BaseModule::getFormSecurityToken('contact_action'),
'$cancel' => DI::l10n()->t('Cancel'),
]);
}