summaryrefslogtreecommitdiff
path: root/includes/sys_form.php
diff options
context:
space:
mode:
authorIgor Scheller <igor.scheller@igorshp.de>2018-09-03 15:33:13 +0100
committermsquare <msquare@notrademark.de>2018-11-21 19:24:36 +0100
commit23c0fae36fb8159bcf8b95bae98555201146457e (patch)
tree6a169114a47391adb1da701f630bb27d73e925d2 /includes/sys_form.php
parent8236989be066c51c5f57884bcc42dbc387794651 (diff)
Added csrf middleware
Diffstat (limited to 'includes/sys_form.php')
-rw-r--r--includes/sys_form.php13
1 files changed, 12 insertions, 1 deletions
diff --git a/includes/sys_form.php b/includes/sys_form.php
index a1b78b70..07a61dbb 100644
--- a/includes/sys_form.php
+++ b/includes/sys_form.php
@@ -407,7 +407,18 @@ function form_element($label, $input, $for = '')
*/
function form($elements, $action = '')
{
- return '<form action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>';
+ return '<form action="' . $action . '" enctype="multipart/form-data" method="post">'
+ . form_csrf()
+ . join($elements)
+ . '</form>';
+}
+
+/**
+ * @return string
+ */
+function form_csrf()
+{
+ return form_hidden('_token', session()->get('_token'));
}
/**