summaryrefslogtreecommitdiff
path: root/modules/notification/controllers
diff options
context:
space:
mode:
authorTim Almdal <tnalmdal@shaw.ca>2009-02-02 13:28:42 +0000
committerTim Almdal <tnalmdal@shaw.ca>2009-02-02 13:28:42 +0000
commit9e01c80ef477c9c916f3f1c1b572d43ce663b148 (patch)
tree3e3670ea30dc3a8f78bb484a42f990fba361d36b /modules/notification/controllers
parent5d637a3254bb7ad37a60a279a77fc04de1141617 (diff)
Enable csrf validation on the add/remove notification controller
Diffstat (limited to 'modules/notification/controllers')
-rw-r--r--modules/notification/controllers/notification.php2
1 files changed, 2 insertions, 0 deletions
diff --git a/modules/notification/controllers/notification.php b/modules/notification/controllers/notification.php
index 94dcfddc..8722f890 100644
--- a/modules/notification/controllers/notification.php
+++ b/modules/notification/controllers/notification.php
@@ -19,6 +19,8 @@
*/
class Notification_Controller extends Controller {
function watch($id) {
+ access::verify_csrf();
+
$item = ORM::factory("item", $id);
access::required("view", $item);
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 07:11:23 +0000