Skip to content
This repository was archived by the owner on Jun 25, 2024. It is now read-only.

Commit bec4c61

Browse files
forevermattforevermatt
authored
Add CSRF token hidden form field
1 parent c3b3be2 commit bec4c61

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

themes/material/core/loginuserpass.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
<?php
33
$siteKey = $this->data['recaptcha.siteKey'] ?? null;
44
$username = $this->data['username'] ?? null;
5+
$csrfToken = $this->data['csrfToken'] ?? null;
56

67
$errorCode = $this->data['errorcode'] ?? null;
78
$errorMessageKey = $this->data['errorparams'][1] ?? '{material:login:error_wronguserpass}';
@@ -54,6 +55,7 @@ function onRecaptchaLoad() {
5455

5556
<input type="hidden" name="AuthState"
5657
value="<?= htmlspecialchars($this->data['stateparams']['AuthState']) ?>" />
58+
<input type="hidden" name="csrf-token" value="<?= htmlentities($csrfToken); ?>" />
5759

5860
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
5961
<label for="username" class="mdl-textfield__label">

0 commit comments

Comments
 (0)