diff options
| author | Michael Klier <chi@chimeric.de> | 2007-09-04 20:53:55 +0200 |
|---|---|---|
| committer | Michael Klier <chi@chimeric.de> | 2007-09-04 20:53:55 +0200 |
| commit | cc670e1ba1a9ec3870e091734458b22f4a63cf56 (patch) | |
| tree | 6d1d962fbba42e3390e1b8ddab0a35458bb93faf | |
| parent | 98a80b9578f9a83339e9d41dfac91dc039332f91 (diff) | |
| download | rpg-cc670e1ba1a9ec3870e091734458b22f4a63cf56.tar.gz rpg-cc670e1ba1a9ec3870e091734458b22f4a63cf56.tar.bz2 | |
send security token on login/logout
darcs-hash:20070904185355-23886-e5cbed2357a2697a593409ed0a31f044423db2e1.gz
| -rw-r--r-- | inc/template.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/inc/template.php b/inc/template.php index 463a2e0ce..10719c08c 100644 --- a/inc/template.php +++ b/inc/template.php @@ -497,9 +497,9 @@ function tpl_button($type){ case 'login': if($conf['useacl'] && $auth){ if($_SERVER['REMOTE_USER']){ - print html_btn('logout',$ID,'',array('do' => 'logout',)); + print html_btn('logout',$ID,'',array('do' => 'logout', 'sectok' => getSecurityToken())); }else{ - print html_btn('login',$ID,'',array('do' => 'login')); + print html_btn('login',$ID,'',array('do' => 'login', 'sectok' => getSecurityToken())); } return true; } @@ -635,11 +635,11 @@ function tpl_actionlink($type,$pre='',$suf='',$inner=''){ case 'login': if($conf['useacl'] && $auth){ if($_SERVER['REMOTE_USER']){ - tpl_link(wl($ID,'do=logout'), + tpl_link(wl($ID,'do=logout&sectok='.getSecurityToken()), $pre.(($inner)?$inner:$lang['btn_logout']).$suf, 'class="action logout" rel="nofollow"'); }else{ - tpl_link(wl($ID,'do=login'), + tpl_link(wl($ID,'do=login&sectok='.getSecurityToken()), $pre.(($inner)?$inner:$lang['btn_login']).$suf, 'class="action login" rel="nofollow"'); } |