diff --git a/VERSION b/VERSION
index e4eccd4e6..0c2380a58 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-14.2.2
+14.2.3
diff --git a/admin/code/tce_colorpicker.php b/admin/code/tce_colorpicker.php
index 41eab35bd..77f2d1bcf 100644
--- a/admin/code/tce_colorpicker.php
+++ b/admin/code/tce_colorpicker.php
@@ -96,6 +96,7 @@ function F_html_color_picker($callingform, $callingfield, $tag)
     $onclick = 'FJ_insert_tag(window.opener.document.getElementById(\''.$callingform.'\').'.$callingfield.', \'['.$tag.'=\'+document.getElementById(\'CSELECTED\').value+\']\');';
     echo '<input type="button" name="wclose" id="wclose" value="'.$l['w_close'].'" title="'.$l['h_close_window'].'" onclick="'.$onclick.'self.close();" />'.K_NEWLINE;
     echo '</div>'.K_NEWLINE;
+    echo F_getCSRFTokenField().K_NEWLINE;
     echo '</form>'.K_NEWLINE;
     echo '</div>'.K_NEWLINE;
 ?>
diff --git a/admin/code/tce_edit_answer.php b/admin/code/tce_edit_answer.php
index a80f86f0a..48417c346 100644
--- a/admin/code/tce_edit_answer.php
+++ b/admin/code/tce_edit_answer.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_answer.php
 // Begin       : 2004-04-27
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Edit answers.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -159,8 +159,7 @@
             // check user's authorization for parent module
             if ((!F_isAuthorizedUser(K_TABLE_MODULES, 'module_id', $m['subject_module_id'], 'module_user_id'))
                 and (!F_isAuthorizedUser(K_TABLE_SUBJECTS, 'subject_id', $m['question_subject_id'], 'subject_user_id'))) {
-                F_print_error('ERROR', $l['m_authorization_denied']);
-                    exit;
+                F_print_error('ERROR', $l['m_authorization_denied'], true);
             }
         }
     } else {
@@ -197,6 +196,7 @@
             <?php
             F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
             F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
+            echo F_getCSRFTokenField().K_NEWLINE;
             ?>
             </div>
             </form>
@@ -890,7 +890,7 @@
 echo '&nbsp;'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_edit_backup.php b/admin/code/tce_edit_backup.php
index f8be48160..e9ec5d76f 100644
--- a/admin/code/tce_edit_backup.php
+++ b/admin/code/tce_edit_backup.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_backup.php
 // Begin       : 2009-04-06
-// Last Update : 2014-01-27
+// Last Update : 2020-05-06
 //
 // Description : Backup and Restore TCExam Database.
 //               ONLY FOR POSIX SYSTEMS
@@ -18,7 +18,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2014 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -52,14 +52,17 @@
     $menu_mode = 'download';
 }
 
+function F_isValidbackupFile($file)
+{
+    return ((strlen($file) === 35) and (substr($file, -3) === '.gz') and (preg_match('|\.\./|i', $file) === 0) and (preg_match('/[^a-zA-Z0-9\_\-\.]+/i', $file) === 0));
+}
+
 // check backup filename
-if (isset($backup_file) and !empty($backup_file)) {
-    if ((preg_match('/[^a-zA-Z0-9\_\-\.]+/i', $backup_file) > 0) or (strlen($backup_file) != 35) or (substr($backup_file, -3) != '.gz')) {
-        // ERROR
-        F_print_error('ERROR', 'SECURITY ERROR');
-    }
+if (!empty($backup_file) and !F_isValidbackupFile($backup_file)) {
+	F_print_error('ERROR', 'SECURITY ERROR', true);
 }
 
+
 switch ($menu_mode) { // process submitted data
 
     case 'restore':{
@@ -72,6 +75,7 @@
             F_submit_button('forcerestore', $l['w_restore'], $l['h_restore']);
             F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
             echo '</div>'.K_NEWLINE;
+            echo F_getCSRFTokenField().K_NEWLINE;
             echo '</form>'.K_NEWLINE;
             echo '</div>'.K_NEWLINE;
         }
@@ -200,7 +204,7 @@
 // get backup files
 $files_list = array();
 while (false !== ($file = readdir($handle))) {
-    if (is_file(K_PATH_BACKUP.$file)) {
+    if (F_isValidbackupFile($file) and is_file(K_PATH_BACKUP.$file)) {
         $files_list[] = $file;
     }
 }
@@ -229,7 +233,7 @@
 }
 
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_edit_group.php b/admin/code/tce_edit_group.php
index 3a174b9c9..1f5cff44d 100644
--- a/admin/code/tce_edit_group.php
+++ b/admin/code/tce_edit_group.php
@@ -81,6 +81,7 @@
         F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
         F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
         echo '</div>'.K_NEWLINE;
+        echo F_getCSRFTokenField().K_NEWLINE;
         echo '</form>'.K_NEWLINE;
         echo '</div>'.K_NEWLINE;
         break;
@@ -254,7 +255,7 @@
 F_submit_button('clear', $l['w_clear'], $l['h_clear']);
 
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_edit_module.php b/admin/code/tce_edit_module.php
index de032383a..1bfd59a3a 100644
--- a/admin/code/tce_edit_module.php
+++ b/admin/code/tce_edit_module.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_module.php
 // Begin       : 2008-11-28
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Display form to edit modules.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -61,8 +61,7 @@
     $module_id = intval($_REQUEST['module_id']);
     // check user's authorization for module
     if (!F_isAuthorizedUser(K_TABLE_MODULES, 'module_id', $module_id, 'module_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
 } else {
     $module_id = 0;
@@ -97,6 +96,7 @@
             <?php
             F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
             F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
+            echo F_getCSRFTokenField().K_NEWLINE;
             ?>
             </div>
             </form>
@@ -329,7 +329,7 @@
     $sql = 'SELECT user_id, user_lastname, user_firstname, user_name FROM '.K_TABLE_USERS.' WHERE user_id='.$module_user_id.'';
     if ($r = F_db_query($sql, $db)) {
         if ($m = F_db_fetch_array($r)) {
-            echo '<span style="font-style:italic;color:#333333;">('.$m['user_name'].') '.$m['user_lastname'].' '.$m['user_firstname'].'</span>'.K_NEWLINE;
+            echo '<span style="font-style:italic;color:#333333;">('.unhtmlentities(strip_tags($m['user_name'].') '.$m['user_lastname'].' '.$m['user_firstname'])).'</span>'.K_NEWLINE;
         }
     } else {
         echo '</select></span></div>'.K_NEWLINE;
@@ -365,7 +365,7 @@
 if ($rg = F_db_query($sqlg, $db)) {
     echo '<span style="font-style:italic;color#333333;font-size:small;">';
     while ($mg = F_db_fetch_array($rg)) {
-        echo ' · '.$mg['group_name'].'';
+        echo ' · '.unhtmlentities(strip_tags($mg['group_name'])).'';
     }
     echo '</span>';
 } else {
@@ -404,6 +404,7 @@
 echo '</span>'.K_NEWLINE;
 echo '&nbsp;'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_edit_question.php b/admin/code/tce_edit_question.php
index 15c888ed5..990000bd9 100644
--- a/admin/code/tce_edit_question.php
+++ b/admin/code/tce_edit_question.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_question.php
 // Begin       : 2004-04-27
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Edit questions
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -161,8 +161,7 @@
             // check user's authorization for parent module
             if ((!F_isAuthorizedUser(K_TABLE_MODULES, 'module_id', $m['subject_module_id'], 'module_user_id'))
                 and (!F_isAuthorizedUser(K_TABLE_SUBJECTS, 'subject_id', $m['question_subject_id'], 'subject_user_id'))) {
-                F_print_error('ERROR', $l['m_authorization_denied']);
-                exit;
+                F_print_error('ERROR', $l['m_authorization_denied'], true);
             }
         }
     } else {
@@ -197,6 +196,7 @@
             F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
             F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
             echo '</div>'.K_NEWLINE;
+            echo F_getCSRFTokenField().K_NEWLINE;
             echo '</form>'.K_NEWLINE;
             echo '</div>'.K_NEWLINE;
         }
@@ -871,7 +871,7 @@
 echo '&nbsp;'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_edit_rating.php b/admin/code/tce_edit_rating.php
index bd2b2be7e..b5548a174 100644
--- a/admin/code/tce_edit_rating.php
+++ b/admin/code/tce_edit_rating.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_rating.php
 // Begin       : 2004-06-09
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Editor to manually rate free text answers.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020  Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -54,8 +54,7 @@
     $test_id = intval($_REQUEST['test_id']);
     // check user's authorization
     if (!F_isAuthorizedUser(K_TABLE_TESTS, 'test_id', $test_id, 'test_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
 } else {
     $test_id = 0;
@@ -377,6 +376,7 @@
 }
 
 echo '</div>'.K_NEWLINE;
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_edit_sslcerts.php b/admin/code/tce_edit_sslcerts.php
index f7dc4c4f6..73084e050 100644
--- a/admin/code/tce_edit_sslcerts.php
+++ b/admin/code/tce_edit_sslcerts.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_sslcerts.php
 // Begin       : 2013-07-04
-// Last Update : 2013-07-09
+// Last Update : 2020-05-06
 //
 // Description : Upload and edit SSL certificates.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2013 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -60,8 +60,7 @@
     $ssl_id = intval($_REQUEST['ssl_id']);
     // check user's authorization for this certificate
     if (!F_isAuthorizedUser(K_TABLE_SSLCERTS, 'ssl_id', $ssl_id, 'ssl_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
 } else {
     $ssl_id = 0;
@@ -107,6 +106,7 @@
             F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
             F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
             echo '</div>'.K_NEWLINE;
+            echo F_getCSRFTokenField().K_NEWLINE;
             echo '</form>'.K_NEWLINE;
             echo '</div>'.K_NEWLINE;
         }
@@ -324,7 +324,7 @@
 F_submit_button('clear', $l['w_clear'], $l['h_clear']);
 
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_edit_subject.php b/admin/code/tce_edit_subject.php
index c538ea2b7..2602fc028 100644
--- a/admin/code/tce_edit_subject.php
+++ b/admin/code/tce_edit_subject.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_subject.php
 // Begin       : 2004-04-26
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Display form to edit exam subject_id (topics).
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -95,8 +95,7 @@
                 // check user's authorization for parent module
                 if ((!F_isAuthorizedUser(K_TABLE_MODULES, 'module_id', $subject_module_id, 'module_user_id'))
                     and (!F_isAuthorizedUser(K_TABLE_SUBJECTS, 'subject_id', $subject_id, 'subject_user_id'))) {
-                    F_print_error('ERROR', $l['m_authorization_denied']);
-                    exit;
+                    F_print_error('ERROR', $l['m_authorization_denied'], true);
                 }
             }
         } else {
@@ -133,6 +132,7 @@
             <?php
             F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
             F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
+            echo F_getCSRFTokenField().K_NEWLINE;
             ?>
             </div>
             </form>
@@ -464,7 +464,7 @@
 echo '&nbsp;'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_edit_test.php b/admin/code/tce_edit_test.php
index fecc6e1b4..f3f350e3f 100644
--- a/admin/code/tce_edit_test.php
+++ b/admin/code/tce_edit_test.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_test.php
 // Begin       : 2004-04-27
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Edit Tests
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -195,8 +195,7 @@
     $test_id = intval($_REQUEST['test_id']);
     // check user's authorization
     if (!F_isAuthorizedUser(K_TABLE_TESTS, 'test_id', $test_id, 'test_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
 } else {
     $test_id = 0;
@@ -417,6 +416,7 @@
         <?php
         F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
         F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
+        echo F_getCSRFTokenField().K_NEWLINE;
         ?>
         </div>
         </form>
@@ -1320,7 +1320,7 @@
         echo '</div>'.K_NEWLINE;
     }
 }
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 echo '</div>'.K_NEWLINE;
diff --git a/admin/code/tce_edit_user.php b/admin/code/tce_edit_user.php
index ddbc82003..524930508 100644
--- a/admin/code/tce_edit_user.php
+++ b/admin/code/tce_edit_user.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_edit_user.php
 // Begin       : 2002-02-08
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Edit user data.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -47,15 +47,13 @@
 if (isset($_REQUEST['user_id'])) {
     $user_id = intval($_REQUEST['user_id']);
     if (!F_isAuthorizedEditorForUser($user_id)) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
 }
 if (isset($_REQUEST['group_id'])) {
     $group_id = intval($_REQUEST['group_id']);
     if (!F_isAuthorizedEditorForGroup($group_id)) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
 }
 if (isset($_REQUEST['user_level'])) {
@@ -93,6 +91,7 @@
         <?php
         F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
         F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
+        echo F_getCSRFTokenField().K_NEWLINE;
         ?>
         </div>
         </form>
@@ -183,7 +182,7 @@
             if (!$r = F_db_query($sql, $db)) {
                 F_display_db_error(false);
             } else {
-                F_print_error('MESSAGE', $user_name.': '.$l['m_user_updated']);
+                F_print_error('MESSAGE', stripslashes($user_name).': '.$l['m_user_updated']);
             }
             // remove old groups
             $old_user_groups = F_get_user_groups($user_id);
@@ -529,7 +528,7 @@
 
 echo '<input type="hidden" name="user_password" id="user_password" value="'.$user_password.'" />'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_filemanager.php b/admin/code/tce_filemanager.php
index b4282596e..182cc4238 100644
--- a/admin/code/tce_filemanager.php
+++ b/admin/code/tce_filemanager.php
@@ -139,6 +139,7 @@
         F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
         F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
         echo '</div>'.K_NEWLINE;
+        echo F_getCSRFTokenField().K_NEWLINE;
         echo '</form>'.K_NEWLINE;
         echo '</div>'.K_NEWLINE;
         break;
@@ -324,6 +325,7 @@
 }
 
 echo '</div>'.K_NEWLINE;
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_functions_users_online.php b/admin/code/tce_functions_users_online.php
index bb3e9b9f9..02645b0fb 100644
--- a/admin/code/tce_functions_users_online.php
+++ b/admin/code/tce_functions_users_online.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_functions_levels.php
 // Begin       : 2001-10-18
-// Last Update : 2011-05-24
+// Last Update : 2020-05-06
 //
 // Description : Functions to display online users' data.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2010  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020  Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -119,6 +119,7 @@ function F_list_online_users($wherequery, $order_field, $orderdir, $firstrow, $r
                 $user_str .= urldecode($this_session['session_user_firstname']).'';
             }
             $user_str .= ' ('.urldecode($this_session['session_user_name']).')';
+            $user_str = unhtmlentities(strip_tags($user_str));
             if (F_isAuthorizedEditorForUser($this_session['session_user_id'])) {
                 echo '<a href="tce_edit_user.php?user_id='.$this_session['session_user_id'].'">'.$user_str.'</a>';
             } else {
diff --git a/admin/code/tce_import_omr_answers.php b/admin/code/tce_import_omr_answers.php
index e5b4f2d8e..2b265cf63 100644
--- a/admin/code/tce_import_omr_answers.php
+++ b/admin/code/tce_import_omr_answers.php
@@ -181,7 +181,7 @@
 // show upload button
 F_submit_button('upload', $l['w_upload'], $l['h_submit_file']);
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_import_omr_bulk.php b/admin/code/tce_import_omr_bulk.php
index b211fa5a5..774becc9b 100644
--- a/admin/code/tce_import_omr_bulk.php
+++ b/admin/code/tce_import_omr_bulk.php
@@ -168,7 +168,7 @@
 // show upload button
 F_submit_button('upload', $l['w_upload'], $l['h_submit_file']);
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_import_questions.php b/admin/code/tce_import_questions.php
index 1e7cf7670..00e05bdcc 100644
--- a/admin/code/tce_import_questions.php
+++ b/admin/code/tce_import_questions.php
@@ -136,6 +136,7 @@
 F_submit_button('upload', $l['w_upload'], $l['h_submit_file']);
 
 echo '</div>'.K_NEWLINE;
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_import_users.php b/admin/code/tce_import_users.php
index 55de34d50..1fdee98a6 100644
--- a/admin/code/tce_import_users.php
+++ b/admin/code/tce_import_users.php
@@ -105,6 +105,7 @@
 <?php
 // show buttons by case
 F_submit_button("upload", $l['w_upload'], $l['h_submit_file']);
+echo F_getCSRFTokenField().K_NEWLINE;
 ?>
 </div>
 
diff --git a/admin/code/tce_page_info.php b/admin/code/tce_page_info.php
index 8369f10c9..e30d92684 100644
--- a/admin/code/tce_page_info.php
+++ b/admin/code/tce_page_info.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_page_info.php
 // Begin       : 2004-05-21
-// Last Update : 2019-07-31
+// Last Update : 2020-05-06
 //
 // Description : Outputs TCExam information page.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2019 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -46,7 +46,7 @@
 
 echo '<ul class="credits">'.K_NEWLINE;
 echo '<li><strong>'.$l['w_author'].':</strong> Nicola Asuni</li>'.K_NEWLINE;
-echo '<li><strong>Copyright:</strong><br /> (c) 2004-2018 Nicola Asuni - Tecnick.com LTD<br />'.K_NEWLINE;
+echo '<li><strong>Copyright:</strong><br /> (c) 2004-2020 Nicola Asuni - Tecnick.com LTD<br />'.K_NEWLINE;
 echo '<a href="mailto:info@tecnick.com">info@tecnick.com</a> - '.K_NEWLINE;
 echo '<a href="http://www.tecnick.com" title="'.$l['m_new_window_link'].'">www.tecnick.com</a></li>'.K_NEWLINE;
 echo '<li><strong>'.$l['w_license'].':</strong> <a href="../../LICENSE.TXT" title="'.$l['m_new_window_link'].'">LICENSE.TXT</a></li>'.K_NEWLINE;
diff --git a/admin/code/tce_pdf_results.php b/admin/code/tce_pdf_results.php
index 2d28e84b6..be9338c8b 100644
--- a/admin/code/tce_pdf_results.php
+++ b/admin/code/tce_pdf_results.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_pdf_results.php
 // Begin       : 2004-06-10
-// Last Update : 2017-04-22
+// Last Update : 2020-05-06
 //
 // Description : Create PDF document to display test results
 //               summary for all users.
@@ -16,7 +16,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -55,8 +55,7 @@
 }
 $onlytext = ($mode == 5);
 if (isset($_REQUEST['email']) and !checkPassword(date('Y').$testuser_id.K_RANDOM_SECURITY.$test_id.date('m').$user_id, $_REQUEST['email'])) {
-    F_print_error('ERROR', $l['m_authorization_denied']);
-    exit;
+    F_print_error('ERROR', $l['m_authorization_denied'], true);
 }
 $filter = 'sel=1';
 if (isset($_REQUEST['test_id']) and ($_REQUEST['test_id'] > 0)) {
diff --git a/admin/code/tce_popup_test_info.php b/admin/code/tce_popup_test_info.php
index 230843ae5..6716af62f 100644
--- a/admin/code/tce_popup_test_info.php
+++ b/admin/code/tce_popup_test_info.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_popup_test_info.php
 // Begin       : 2004-05-28
-// Last Update : 2009-09-30
+// Last Update : 2020-05-06
 //
 // Description : Outputs test information using popup page
 //               headers.
@@ -16,7 +16,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2010  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020  Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -46,8 +46,7 @@
     $test_id = intval($_REQUEST['testid']);
     // check user's authorization
     if (!F_isAuthorizedUser(K_TABLE_TESTS, 'test_id', $test_id, 'test_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
     require_once('../../shared/code/tce_functions_test.php');
     echo F_printTestInfo($test_id, true);
diff --git a/admin/code/tce_select_mediafile.php b/admin/code/tce_select_mediafile.php
index 2e976592e..6d8cd891c 100644
--- a/admin/code/tce_select_mediafile.php
+++ b/admin/code/tce_select_mediafile.php
@@ -156,6 +156,7 @@
         F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
         F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
         echo '</div>'.K_NEWLINE;
+        echo F_getCSRFTokenField().K_NEWLINE;
         echo '</form>'.K_NEWLINE;
         echo '</div>'.K_NEWLINE;
         break;
@@ -367,6 +368,7 @@
 }
 
 echo '</div>'.K_NEWLINE;
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/admin/code/tce_select_tests.php b/admin/code/tce_select_tests.php
index 2e286ca8c..0483e7ef2 100644
--- a/admin/code/tce_select_tests.php
+++ b/admin/code/tce_select_tests.php
@@ -137,7 +137,7 @@
 }
 
 F_select_test($order_field, $orderdir, $firstrow, $rowsperpage, $wherequery, $searchterms);
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 require_once('../code/tce_page_footer.php');
diff --git a/admin/code/tce_select_tests_popup.php b/admin/code/tce_select_tests_popup.php
index f45825f21..cdae8252d 100644
--- a/admin/code/tce_select_tests_popup.php
+++ b/admin/code/tce_select_tests_popup.php
@@ -116,7 +116,7 @@
 echo '<div class="row"><hr /></div>'.K_NEWLINE;
 
 F_show_select_test_popup($order_field, $orderdir, $firstrow, $rowsperpage, $wherequery, $searchterms, $cid);
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 require_once('../code/tce_page_footer_popup.php');
diff --git a/admin/code/tce_select_users.php b/admin/code/tce_select_users.php
index 0c6ec9a37..cf66bc67b 100644
--- a/admin/code/tce_select_users.php
+++ b/admin/code/tce_select_users.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_select_users.php
 // Begin       : 2001-09-13
-// Last Update : 2011-07-13
+// Last Update : 2020-05-06
 //
 // Description : Display user selection table.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2011  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020  Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -68,8 +68,7 @@
     $group_id = 0;
 }
 if (!F_isAuthorizedEditorForGroup($group_id)) {
-    F_print_error('ERROR', $l['m_authorization_denied']);
-    exit;
+    F_print_error('ERROR', $l['m_authorization_denied'], true);
 }
 
 echo '<form action="'.$_SERVER['SCRIPT_NAME'].'" method="post" enctype="multipart/form-data" id="form_userselect">'.K_NEWLINE;
@@ -219,7 +218,7 @@
 }
 
 F_select_user($order_field, $orderdir, $firstrow, $rowsperpage, $group_id, $wherequery, $searchterms);
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 require_once('../code/tce_page_footer.php');
diff --git a/admin/code/tce_select_users_popup.php b/admin/code/tce_select_users_popup.php
index 9bc3fdfb0..5d3b1702b 100644
--- a/admin/code/tce_select_users_popup.php
+++ b/admin/code/tce_select_users_popup.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_select_users_popup.php
 // Begin       : 2012-04-14
-// Last Update : 2012-08-22
+// Last Update : 2020-05-06
 //
 // Description : Display user selection table on popup window.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2012  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020  Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -72,8 +72,7 @@
     $group_id = 0;
 }
 if (!F_isAuthorizedEditorForGroup($group_id)) {
-    F_print_error('ERROR', $l['m_authorization_denied']);
-    exit;
+    F_print_error('ERROR', $l['m_authorization_denied'], true);
 }
 
 echo '<form action="'.$_SERVER['SCRIPT_NAME'].'" method="post" enctype="multipart/form-data" id="form_userselect">'.K_NEWLINE;
@@ -147,7 +146,7 @@
 echo '<div class="row"><hr /></div>'.K_NEWLINE;
 
 F_show_select_user_popup($order_field, $orderdir, $firstrow, $rowsperpage, $group_id, $wherequery, $searchterms, $cid);
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 require_once('../code/tce_page_footer_popup.php');
diff --git a/admin/code/tce_show_all_questions.php b/admin/code/tce_show_all_questions.php
index 05864bb3b..246311130 100644
--- a/admin/code/tce_show_all_questions.php
+++ b/admin/code/tce_show_all_questions.php
@@ -325,7 +325,7 @@
 echo '<input type="hidden" name="submitted" id="submitted" value="0" />'.K_NEWLINE;
 echo '<input type="hidden" name="usersearch" id="usersearch" value="" />'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 echo '</div>'.K_NEWLINE;
diff --git a/admin/code/tce_show_online_users.php b/admin/code/tce_show_online_users.php
index 050251607..54508b040 100644
--- a/admin/code/tce_show_online_users.php
+++ b/admin/code/tce_show_online_users.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_show_online_users.php
 // Begin       : 2001-10-18
-// Last Update :2009-09-30
+// Last Update : 2020-05-06
 //
 // Description : Display online user's data.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2010  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020  Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
diff --git a/admin/code/tce_show_result_allusers.php b/admin/code/tce_show_result_allusers.php
index 1ed43d669..06dc63dcd 100644
--- a/admin/code/tce_show_result_allusers.php
+++ b/admin/code/tce_show_result_allusers.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_show_result_allusers.php
 // Begin       : 2004-06-10
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Display test results summary for all users.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -59,8 +59,7 @@
     $test_id = intval($_REQUEST['test_id']);
     // check user's authorization
     if (!F_isAuthorizedUser(K_TABLE_TESTS, 'test_id', $test_id, 'test_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
     $filter .= '&amp;test_id='.$test_id.'';
     $test_group_ids = F_getTestGroups($test_id);
@@ -435,7 +434,7 @@
 echo '<input type="hidden" name="orderdir" id="orderdir" value="'.$orderdir.'" />'.K_NEWLINE;
 echo '<input type="hidden" name="itemcount" id="itemcount" value="'.$itemcount.'>" />'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 echo '</div>'.K_NEWLINE;
diff --git a/admin/code/tce_show_result_user.php b/admin/code/tce_show_result_user.php
index 960fb1a17..b0884ba9b 100644
--- a/admin/code/tce_show_result_user.php
+++ b/admin/code/tce_show_result_user.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_show_result_user.php
 // Begin       : 2004-06-10
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Display test results for specified user.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -54,8 +54,7 @@
     $test_id = intval($_REQUEST['test_id']);
     // check user's authorization
     if (!F_isAuthorizedUser(K_TABLE_TESTS, 'test_id', $test_id, 'test_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
     $filter .= '&amp;test_id='.$test_id.'';
 } else {
@@ -70,8 +69,7 @@
 if (isset($_REQUEST['user_id'])) {
     $user_id = intval($_REQUEST['user_id']);
     //if (!F_isAuthorizedEditorForUser($user_id)) {
-    //	F_print_error('ERROR', $l['m_authorization_denied']);
-    //	exit;
+    //	F_print_error('ERROR', $l['m_authorization_denied'], true);
     //}
     $filter .= '&amp;user_id='.$user_id;
 } else {
@@ -101,6 +99,7 @@
         F_submit_button('forcedelete', $l['w_delete'], $l['h_delete']);
         F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
         echo '</div>'.K_NEWLINE;
+        echo F_getCSRFTokenField().K_NEWLINE;
         echo '</form>'.K_NEWLINE;
         echo '</div>'.K_NEWLINE;
         break;
@@ -382,7 +381,7 @@
 
     echo '</div>'.K_NEWLINE;
 }
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 echo '</div>'.K_NEWLINE;
diff --git a/admin/code/tce_xml_question_stats.php b/admin/code/tce_xml_question_stats.php
index a178916b9..e86137016 100644
--- a/admin/code/tce_xml_question_stats.php
+++ b/admin/code/tce_xml_question_stats.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_xml_question_stats.php
 // Begin       : 2010-05-10
-// Last Update : 2013-09-05
+// Last Update : 2020-05-06
 //
 // Description : Functions to export question stats using XML
 //               or JSON format.
@@ -19,7 +19,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2013  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020  Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -47,8 +47,7 @@
     $test_id = intval($_REQUEST['testid']);
     // check user's authorization
     if (!F_isAuthorizedUser(K_TABLE_TESTS, 'test_id', $test_id, 'test_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
 
     $output_format = isset($_REQUEST['format']) ? strtoupper($_REQUEST['format']) : 'XML';
diff --git a/public/code/tce_password_reset.php b/public/code/tce_password_reset.php
index a291e28b1..d289d073a 100644
--- a/public/code/tce_password_reset.php
+++ b/public/code/tce_password_reset.php
@@ -103,7 +103,7 @@
 F_submit_button('resetpassword', $l['w_submit'], $l['h_submit']);
 
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/public/code/tce_pdf_results.php b/public/code/tce_pdf_results.php
index 1c21adea3..bd29438f9 100644
--- a/public/code/tce_pdf_results.php
+++ b/public/code/tce_pdf_results.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_pdf_results.php
 // Begin       : 2004-06-10
-// Last Update : 2017-04-22
+// Last Update : 2020-05-06
 //
 // Description : Create PDF document to display test results
 //               summary for all users.
@@ -16,7 +16,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -56,8 +56,7 @@
 }
 $onlytext = ($mode == 5);
 if (isset($_REQUEST['email']) and !checkPassword(date('Y').$testuser_id.K_RANDOM_SECURITY.$test_id.date('m').$user_id, $_REQUEST['email'])) {
-    F_print_error('ERROR', $l['m_authorization_denied']);
-    exit;
+    F_print_error('ERROR', $l['m_authorization_denied'], true);
 }
 $filter = 'sel=1';
 if (isset($_REQUEST['test_id']) and ($_REQUEST['test_id'] > 0)) {
diff --git a/public/code/tce_test_allresults.php b/public/code/tce_test_allresults.php
index ba57e5438..5447a65e6 100644
--- a/public/code/tce_test_allresults.php
+++ b/public/code/tce_test_allresults.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_test_allresults.php
 // Begin       : 2004-06-10
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Display test results summary.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -55,8 +55,7 @@
     $test_id = intval($_REQUEST['test_id']);
     // check user's authorization
     if (!F_isAuthorizedUser(K_TABLE_TESTS, 'test_id', $test_id, 'test_user_id')) {
-        F_print_error('ERROR', $l['m_authorization_denied']);
-        exit;
+        F_print_error('ERROR', $l['m_authorization_denied'], true);
     }
     $filter .= '&amp;test_id='.$test_id.'';
     $test_group_ids = F_getTestGroups($test_id);
@@ -274,6 +273,7 @@
     echo '<input type="hidden" name="itemcount" id="itemcount" value="'.$itemcount.'>" />'.K_NEWLINE;
     echo '</div>'.K_NEWLINE;
 }
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 
 echo '</div>'.K_NEWLINE;
diff --git a/public/code/tce_test_execute.php b/public/code/tce_test_execute.php
index 8eac6be1b..2b4fef5d8 100644
--- a/public/code/tce_test_execute.php
+++ b/public/code/tce_test_execute.php
@@ -162,6 +162,7 @@
             <?php
             F_submit_button('forceterminate', $l['w_terminate'], $l['w_terminate_exam']);
             F_submit_button('cancel', $l['w_cancel'], $l['h_cancel']);
+            echo F_getCSRFTokenField().K_NEWLINE;
             ?>
             </div>
             </form>
@@ -195,6 +196,7 @@
 
             echo K_NEWLINE;
             echo '</div>'.K_NEWLINE;
+            echo F_getCSRFTokenField().K_NEWLINE;
             echo '</form>'.K_NEWLINE;
         }
 
diff --git a/public/code/tce_user_change_email.php b/public/code/tce_user_change_email.php
index 8f712610f..53edb45ec 100644
--- a/public/code/tce_user_change_email.php
+++ b/public/code/tce_user_change_email.php
@@ -111,7 +111,7 @@
 F_submit_button('update', $l['w_update'], $l['h_update']);
 
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/public/code/tce_user_change_password.php b/public/code/tce_user_change_password.php
index e48ab2b89..7685548e4 100644
--- a/public/code/tce_user_change_password.php
+++ b/public/code/tce_user_change_password.php
@@ -100,7 +100,7 @@
 F_submit_button('update', $l['w_update'], $l['h_update']);
 
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/public/code/tce_user_registration.php b/public/code/tce_user_registration.php
index 722e6d905..b4e1b2ca3 100644
--- a/public/code/tce_user_registration.php
+++ b/public/code/tce_user_registration.php
@@ -85,7 +85,7 @@
 
     if ($formstatus = F_check_form_fields()) { // check submitted form fields
         // check if name is unique
-        if (!F_check_unique(K_TABLE_USERS, 'user_name=\''.$user_name.'\'')) {
+        if (!F_check_unique(K_TABLE_USERS, 'user_name=\''.F_escape_sql($db, $user_name).'\'')) {
             F_print_error('WARNING', $l['m_duplicate_name']);
             $formstatus = false;
             F_stripslashes_formfields();
@@ -334,7 +334,7 @@
 F_submit_button('add', $l['w_add'], $l['h_add']);
 
 echo '</div>'.K_NEWLINE;
-
+echo F_getCSRFTokenField().K_NEWLINE;
 echo '</form>'.K_NEWLINE;
 echo '</div>'.K_NEWLINE;
 
diff --git a/shared/code/tce_functions_authorization.php b/shared/code/tce_functions_authorization.php
index 45422d805..69768f88f 100644
--- a/shared/code/tce_functions_authorization.php
+++ b/shared/code/tce_functions_authorization.php
@@ -48,6 +48,7 @@ function F_loginForm($faction, $fid, $fmethod, $fenctype, $username)
     global $l;
     require_once('../config/tce_config.php');
     require_once('../../shared/config/tce_user_registration.php');
+     require_once('../../shared/code/tce_functions_form.php');
     $str = '';
     $str .= '<div class="container">'.K_NEWLINE;
     if (K_USRREG_ENABLED) {
@@ -75,6 +76,7 @@ function F_loginForm($faction, $fid, $fmethod, $fenctype, $username)
     // the following field is used to check if the form has been submitted
     $str .= '<input type="hidden" name="logaction" id="logaction" value="login" />'.K_NEWLINE;
     $str .= '</div>'.K_NEWLINE;
+    $str .= F_getCSRFTokenField().K_NEWLINE;
     $str .= '</form>'.K_NEWLINE;
     $str .= '</div>'.K_NEWLINE;
     $str .= '<div class="pagehelp">'.$l['hp_login'].'</div>'.K_NEWLINE;
@@ -154,6 +156,7 @@ function F_logout_form()
     $str .= '<input type="hidden" name="logaction" id="logaction" value="" />'.K_NEWLINE;
     $str .= '<input type="submit" name="login" id="login" value="'.$l['w_logout'].'" />'.K_NEWLINE;
     $str .= '</div>'.K_NEWLINE;
+    $str .= F_getCSRFTokenField().K_NEWLINE;
     $str .= '</form>'.K_NEWLINE;
     $str .= '</div>'.K_NEWLINE;
     return $str;
diff --git a/shared/code/tce_functions_errmsg.php b/shared/code/tce_functions_errmsg.php
index 48220deda..f856cad99 100644
--- a/shared/code/tce_functions_errmsg.php
+++ b/shared/code/tce_functions_errmsg.php
@@ -45,6 +45,8 @@ function F_print_error($messagetype = 'MESSAGE', $messagetoprint = '', $exit = f
     require_once(dirname(__FILE__).'/../config/tce_config.php');
     global $l;
     $messagetype = strtolower($messagetype);
+    $messagetoprint = unhtmlentities(strip_tags($messagetoprint));
+    $messagetoprint = str_replace("'", "\'", $messagetoprint);
     //message is appended to the log file
     if (K_USE_ERROR_LOG and (!strcmp($messagetype, 'error'))) {
         $logsttring = date(K_TIMESTAMP_FORMAT).K_TAB;
@@ -79,8 +81,6 @@ function F_print_error($messagetype = 'MESSAGE', $messagetoprint = '', $exit = f
             //display message on JavaScript Alert Window.
             echo '<script type="text/javascript">'.K_NEWLINE;
             echo '//<![CDATA['.K_NEWLINE;
-            $messagetoprint = unhtmlentities(strip_tags($messagetoprint));
-            $messagetoprint = str_replace("'", "\'", $messagetoprint);
             echo 'alert(\'['.$msgtitle.']: '.$messagetoprint.'\');'.K_NEWLINE;
             echo '//]]>'.K_NEWLINE;
             echo '</script>'.K_NEWLINE;
diff --git a/shared/code/tce_functions_form.php b/shared/code/tce_functions_form.php
index ee7138346..d1af6f005 100644
--- a/shared/code/tce_functions_form.php
+++ b/shared/code/tce_functions_form.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_functions_form.php
 // Begin       : 2001-11-07
-// Last Update : 2018-07-06
+// Last Update : 2020-05-06
 //
 // Description : Functions to handle XHTML Form Fields.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2018 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -50,8 +50,13 @@
 } elseif (isset($_POST['addquestion'])) {
     $menu_mode = 'addquestion';
 }
-if (!isset($menu_mode)) {
+if (empty($menu_mode)) {
     $menu_mode = '';
+} else {
+    // check for CSRF
+    if (empty($_POST['csrf_token']) or !checkCSRFToken($_POST['csrf_token'])) {
+        exit();
+    }
 }
 
 define('K_EMAIL_RE_PATTERN', '^([a-zA-Z0-9_\.\-\+\%]+)@([a-zA-Z0-9\.\-]+)$');
@@ -209,6 +214,16 @@ function F_submit_button($name, $value, $title = "")
     echo '<input type="submit" name="'.$name.'" id="'.$name.'" value="'.$value.'" title="'.$title.'" />';
 }
 
+
+/**
+ * Returns XHTML code string to display the CSRF token field.
+ * @return XHTML code string
+ */
+function F_getCSRFTokenField()
+{
+    return '<input type="hidden" name="csrf_token" id="csrf_token" value="'.F_getCSRFToken().'" />';
+}
+
 /**
  * Print input row form.
  * @param $field_name (string) Name of the form field.
diff --git a/shared/code/tce_functions_session.php b/shared/code/tce_functions_session.php
index 8545e75fa..8d3555746 100644
--- a/shared/code/tce_functions_session.php
+++ b/shared/code/tce_functions_session.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_functions_session.php
 // Begin       : 2001-09-26
-// Last Update : 2019-04-30
+// Last Update : 2020-05-06
 //
 // Description : User-level session storage functions.
 //
@@ -15,7 +15,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2019  Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -246,6 +246,38 @@ function checkPassword($password, $hash)
     return password_verify($password, $hash);
 }
 
+/**
+ * Generate unencoded CSRF token string
+ * 
+ * @return string
+ */
+function getPlainCSRFToken()
+{
+    $inc = get_included_files();
+    return $inc[0].session_id().K_RANDOM_SECURITY.getClientFingerprint();
+}
+
+/**
+ * Check the CSRF token
+ * @param $token (string) tocken to check
+ * 
+ * @return boolean
+ */
+function checkCSRFToken($token)
+{
+    return checkPassword(getPlainCSRFToken(), $token);
+}
+
+/**
+ * Generate CSRF token
+ * 
+ * @return string
+ */
+function F_getCSRFToken()
+{
+    return getPasswordHash(getPlainCSRFToken());
+}
+
 // ------------------------------------------------------------
 
 // Sets user-level session storage functions.
diff --git a/shared/code/tce_functions_test.php b/shared/code/tce_functions_test.php
index 82a21e0e4..4cd8fb8d5 100644
--- a/shared/code/tce_functions_test.php
+++ b/shared/code/tce_functions_test.php
@@ -2,7 +2,7 @@
 //============================================================+
 // File name   : tce_functions_test.php
 // Begin       : 2004-05-28
-// Last Update : 2016-03-15
+// Last Update : 2020-05-06
 //
 // Description : Functions to handle test generation, status
 //               and user access.
@@ -16,7 +16,7 @@
 //               info@tecnick.com
 //
 // License:
-//    Copyright (C) 2004-2013 Nicola Asuni - Tecnick.com LTD
+//    Copyright (C) 2004-2020 Nicola Asuni - Tecnick.com LTD
 //    See LICENSE.TXT file for more information.
 //============================================================+
 
@@ -449,7 +449,7 @@ function F_testInfoLink($test_id, $link_name = '')
     $onclickinfo .= 'return false;';
     $str .= '<a href="tce_popup_test_info.php?testid='.$test_id.'" onclick="'.$onclickinfo.'" title="'.$l['m_new_window_link'].'">';
     if (strlen($link_name) > 0) {
-        $str .= $link_name;
+        $str .= unhtmlentities(strip_tags($link_name));
     } else {
         $str .= $l['w_info'];
     }
@@ -471,9 +471,12 @@ function F_printTestInfo($test_id, $showip = false)
     $str = ''; //string to return
     $boolval = array($l['w_no'], $l['w_yes']);
     //$ordmode = Array($l['w_position'], $l['w_alphabetic'], $l['w_id']);
-    $sql = 'SELECT * FROM '.K_TABLE_TESTS.' WHERE test_id='.$test_id.'';
+    $sql = 'SELECT * FROM '.K_TABLE_TESTS.' WHERE test_id='.$test_id.' LIMIT 1';
     if ($r = F_db_query($sql, $db)) {
         if ($m = F_db_fetch_array($r)) {
+            if (!F_isValidTestUser($test_id, $_SESSION['session_user_ip'], $m['test_ip_range'])) {
+                return '';
+            }
             $str .= '<h1>'.htmlspecialchars($m['test_name'], ENT_NOQUOTES, $l['a_meta_charset']).'</h1>'.K_NEWLINE;
             $str .= '<div class="tcecontentbox">'.F_decode_tcecode($m['test_description']).'<br /><br /></div>'.K_NEWLINE;
             $str .= '<div class="tceformbox">'.K_NEWLINE;
@@ -2148,6 +2151,7 @@ function F_testLoginForm($faction, $fid, $fmethod, $fenctype, $test_id)
 {
     global $l;
     require_once('../config/tce_config.php');
+    require_once('../../shared/code/tce_functions_form.php');
     $str = '';
     $str .= '<div class="container">'.K_NEWLINE;
     $str .= '<div class="tceformbox">'.K_NEWLINE;
@@ -2161,6 +2165,7 @@ function F_testLoginForm($faction, $fid, $fmethod, $fenctype, $test_id)
     $str .= '<input type="hidden" name="testpswaction" id="testpswaction" value="login" />'.K_NEWLINE;
     $str .= '<input type="hidden" name="testid" id="testid" value="'.intval($test_id).'" />'.K_NEWLINE;
     $str .= '</div>'.K_NEWLINE;
+    $str .= F_getCSRFTokenField().K_NEWLINE;
     $str .= '</form>'.K_NEWLINE;
     $str .= '</div>'.K_NEWLINE;
     $str .= '<div class="pagehelp">'.$l['hp_test_password'].'</div>'.K_NEWLINE;
diff --git a/shared/code/tce_functions_test_stats.php b/shared/code/tce_functions_test_stats.php
index 3f61e9768..06fa0165d 100644
--- a/shared/code/tce_functions_test_stats.php
+++ b/shared/code/tce_functions_test_stats.php
@@ -774,6 +774,7 @@ function F_printTestResultStat($data, $nextorderdir, $order_field, $filter, $pub
     $ret .= '<th title="'.$l['h_testcomment'].'">'.$l['w_comment'].'</th>'.K_NEWLINE;
     $ret .= '</tr>'.K_NEWLINE;
     foreach ($data['testuser'] as $tu) {
+        $tu['test']['test_name'] = unhtmlentities(strip_tags($tu['test']['test_name']));
         $ret .= '<tr>';
         $ret .= '<td>';
         $ret .= '<input type="checkbox" name="testuserid'.$tu['num'].'" id="testuserid'.$tu['num'].'" value="'.$tu['id'].'" title="'.$l['w_select'].'"';