Skip to content
Permalink
Browse files
[plugin:dbsync] support "HYP_CSRF_TOKEN"
  • Loading branch information
nao-pon committed Aug 16, 2013
1 parent 91df7e8 commit 9e11374d03768265b0a92abbf77b52994f749fa5
Showing with 2 additions and 3 deletions.
  1. +2 −3 xoops_trust_path/modules/xpwiki/plugin/dbsync.inc.php
@@ -869,16 +869,15 @@ function attach_db_init()

function plugin_dbsync_next_do()
{
// global $script,$post,$_links_messages;

//$token = $this->func->get_token_html();
$token = '';
$token = !empty($_SESSION['HYP_CSRF_TOKEN'])? '<input type="hidden" name="HypToken" value="'.htmlspecialchars($_SESSION['HYP_CSRF_TOKEN']).'" />' : '';
$script = $this->func->get_script_uri();
$html = <<<__EOD__
<form method="POST" action="{$script}" onsubmit="return pukiwiki_check(this);">
<div>
{$token}
<input type="hidden" name="encode_hint" value="" />
<input type="hidden" name="encode_hint" value="{$this->cont['PKWK_ENCODING_HINT']}" />
<input type="hidden" name="plugin" value="dbsync" />
<input type="hidden" name="pmode" value="update" />
<input type="hidden" name="init" value="{$this->root->post['init']}" />

0 comments on commit 9e11374

Please sign in to comment.