Merge branch 'master' of git@github.com:gallery/gallery3

author: Chad Kieffer <ckieffer@gmail.com> 2009-06-02 22:55:23 -0600
committer: Chad Kieffer <ckieffer@gmail.com> 2009-06-02 22:55:23 -0600
commit: 1df6db45dc569cc6f18a9d1622fce5ebe62f8d30 (patch)
tree: e4e8cac619bc2443c3e26d0f87a25c51f8a3b273 /modules/user/controllers/login.php
parent: 2bd8051c28621f6c25a3f85b73da2f94d62440f2 (diff)
parent: dde5fb96ee9db5a67b286ea4ac4f35190453a6ef (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php
index 6ee2e69d..54a7905e 100644
--- a/modules/user/controllers/login.php
+++ b/modules/user/controllers/login.php
@@ -26,6 +26,8 @@ class Login_Controller extends Controller {
   }
 
   public function auth_ajax() {
+    access::verify_csrf();
+
     list ($valid, $form) = $this->_auth("login/auth_ajax");
     if ($valid) {
       print json_encode(
@@ -42,6 +44,8 @@ class Login_Controller extends Controller {
   }
 
   public function auth_html() {
+    access::verify_csrf();
+
     list ($valid, $form) = $this->_auth("login/auth_html");
     if ($valid) {
       url::redirect("albums/1");
author	Chad Kieffer <ckieffer@gmail.com>	2009-06-02 22:55:23 -0600
committer	Chad Kieffer <ckieffer@gmail.com>	2009-06-02 22:55:23 -0600
commit	1df6db45dc569cc6f18a9d1622fce5ebe62f8d30 (patch)
tree	e4e8cac619bc2443c3e26d0f87a25c51f8a3b273 /modules/user/controllers/login.php
parent	2bd8051c28621f6c25a3f85b73da2f94d62440f2 (diff)
parent	dde5fb96ee9db5a67b286ea4ac4f35190453a6ef (diff)