Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

edit.php is using sesskey

  • Loading branch information...
commit 58b956518450a66357cba57aaf061de1b05e93f5 1 parent 4a25390
stronk7 authored
Showing with 4 additions and 1 deletion.
  1. +1 −0  course/edit.html
  2. +3 −1 course/edit.php
View
1  course/edit.html
@@ -260,4 +260,5 @@
<td><input type="submit" value="<?php print_string("savechanges") ?>"></td>
</table>
<input type="hidden" name="id" value="<?php echo $form->id ?>">
+<input type="hidden" name="sesskey" value="<?php echo $form->sesskey ?>">
</form>
View
4 course/edit.php
@@ -36,7 +36,7 @@
/// If data submitted, then process and store.
- if ($form = data_submitted()) {
+ if ($form = data_submitted() and confirm_sesskey()) {
if (empty($course)) {
check_for_restricted_user($USER->username, "$CFG->wwwroot");
@@ -187,6 +187,8 @@
"<a href=\"index.php\">$strcategories</a> -> $straddnewcourse", $focus);
}
+ $form->sesskey = !empty($USER->id) ? $USER->sesskey : '';
+
print_heading($streditcoursesettings);
print_simple_box_start("center", "", "$THEME->cellheading");
include("edit.html");
Please sign in to comment.
Something went wrong with that request. Please try again.