diff options
author | Igor Scheller <igor.scheller@igorshp.de> | 2018-09-03 15:33:13 +0100 |
---|---|---|
committer | msquare <msquare@notrademark.de> | 2018-11-21 19:24:36 +0100 |
commit | 23c0fae36fb8159bcf8b95bae98555201146457e (patch) | |
tree | 6a169114a47391adb1da701f630bb27d73e925d2 /includes/sys_form.php | |
parent | 8236989be066c51c5f57884bcc42dbc387794651 (diff) |
Added csrf middleware
Diffstat (limited to 'includes/sys_form.php')
-rw-r--r-- | includes/sys_form.php | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/includes/sys_form.php b/includes/sys_form.php index a1b78b70..07a61dbb 100644 --- a/includes/sys_form.php +++ b/includes/sys_form.php @@ -407,7 +407,18 @@ function form_element($label, $input, $for = '') */ function form($elements, $action = '') { - return '<form action="' . $action . '" enctype="multipart/form-data" method="post">' . join($elements) . '</form>'; + return '<form action="' . $action . '" enctype="multipart/form-data" method="post">' + . form_csrf() + . join($elements) + . '</form>'; +} + +/** + * @return string + */ +function form_csrf() +{ + return form_hidden('_token', session()->get('_token')); } /** |