Permalink
Browse files

course/editsection.php is using sesskey.

  • Loading branch information...
1 parent 58b9565 commit ac63a3f445d1c2ebf941096cb85d39e83ed33c6c stronk7 committed Oct 8, 2004
Showing with 4 additions and 1 deletion.
  1. +1 −0 course/editsection.html
  2. +3 −1 course/editsection.php
View
@@ -22,6 +22,7 @@
</tr>
</table>
<input type="hidden" name=id value="<?php echo $form->id ?>">
+<input type="hidden" name=sesskey value="<?php echo $form->sesskey ?>">
<input type="submit" value="<?php print_string("savechanges") ?>">
</form>
</center>
View
@@ -23,7 +23,7 @@
/// If data submitted, then process and store.
- if ($form = data_submitted()) {
+ if ($form = data_submitted() and confirm_sesskey()) {
$timenow = time();
@@ -43,6 +43,8 @@
$form = $section;
}
+ $form->sesskey = !empty($USER->id) ? $USER->sesskey : '';
+
$usehtmleditor = can_use_html_editor();
$sectionname = get_string("name$course->format");

0 comments on commit ac63a3f

Please sign in to comment.