Skip to content
Browse files

MDL-17227 forum: add sesskey to post/discussion deletion. Backported …

…from HEAD
  • Loading branch information...
1 parent 9173d81 commit df09bb83a155c5bad50feab52039818b8c96b9ea stronk7 committed Nov 14, 2008
Showing with 4 additions and 4 deletions.
  1. +4 −4 mod/forum/post.php
View
8 mod/forum/post.php
@@ -505,7 +505,7 @@
$replycount = forum_count_replies($post);
- if (!empty($confirm)) { // User has confirmed the delete
+ if (!empty($confirm) && confirm_sesskey()) { // User has confirmed the delete
if ($post->totalscore) {
notice(get_string("couldnotdeleteratings", "forum"),
@@ -561,7 +561,7 @@
}
print_header();
notice_yesno(get_string("deletesureplural", "forum", $replycount+1),
- "post.php?delete=$delete&confirm=$delete",
+ "post.php?delete=$delete&confirm=$delete&sesskey=".sesskey(),
$CFG->wwwroot.'/mod/forum/discuss.php?d='.$post->discussion.'#'.$post->id);
forum_print_post($post, $course->id, $ownpost=false, $reply=false, $link=false);
@@ -576,7 +576,7 @@
} else {
print_header();
notice_yesno(get_string("deletesure", "forum", $replycount),
- "post.php?delete=$delete&confirm=$delete",
+ "post.php?delete=$delete&confirm=$delete&sesskey=".sesskey(),
$CFG->wwwroot.'/mod/forum/discuss.php?d='.$post->discussion.'#'.$post->id);
forum_print_post($post, $forum->course, $ownpost=false, $reply=false, $link=false);
}
@@ -818,4 +818,4 @@
print_footer($course);
-?>
+?>

0 comments on commit df09bb8

Please sign in to comment.
Something went wrong with that request. Please try again.