Permalink
Browse files

MDL-20901 fixed input validation

  • Loading branch information...
1 parent 35c1839 commit d7befb3835d031dd750026cabb34e8850d8d6ab8 @skodak skodak committed Nov 21, 2009
Showing with 2 additions and 1 deletion.
  1. +1 −0 mod/forum/lib.php
  2. +1 −1 mod/forum/rate.php
View
@@ -3765,6 +3765,7 @@ function forum_print_discussion($course, $forum, $discussion, $post, $mode, $can
echo '<div class="ratingform">';
echo '<input type="hidden" name="id" value="'.$course->id.'" />';
echo '<input type="hidden" name="forumid" value="'.$forum->id.'" />';
+ echo '<input type="hidden" name="sesskey" value="'.sesskey().'" />';
$ratingsformused = true;
}
}
View
@@ -39,7 +39,7 @@
}
}
- if ($data) {
+ if ($data and confirm_sesskey()) {
$lastpostid = 0;

0 comments on commit d7befb3

Please sign in to comment.