diff options
| author | Tim Almdal <tnalmdal@shaw.ca> | 2010-01-24 15:49:02 -0800 |
|---|---|---|
| committer | Tim Almdal <tnalmdal@shaw.ca> | 2010-01-24 15:49:02 -0800 |
| commit | 26eb000637fb83c04919e1e18c67b1441db76da6 (patch) | |
| tree | 5bdc8ae5968a861bae10abdf58354a3be9fac984 /modules/gallery/controllers/user_profile.php | |
| parent | c9ea1a64de16af16180c106a3012919150d3cf60 (diff) | |
add CSRF protection to the user profile send method.
Diffstat (limited to 'modules/gallery/controllers/user_profile.php')
| -rw-r--r-- | modules/gallery/controllers/user_profile.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index 6159894d..3a7e0200 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -51,6 +51,7 @@ class User_Profile_Controller extends Controller { } public function send($id) { + access::verify_csrf(); $user = identity::lookup_user($id); $form = user_profile::get_contact_form($user); if ($form->validate()) { |