diff options
Diffstat (limited to 'inc/auth.php')
| -rw-r--r-- | inc/auth.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/inc/auth.php b/inc/auth.php index 045ced066..3e5362a41 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -613,6 +613,7 @@ function updateprofile() { global $auth; if(empty($_POST['save'])) return false; + if(!checkSecurityToken()) return false; // should not be able to get here without Profile being possible... if(!$auth->canDo('Profile')) { |