From 66d2bed97d77042bdcd15cbeb71f058918c8f614 Mon Sep 17 00:00:00 2001
From: Adrian Lang <lang@cosmocode.de>
Date: Tue, 9 Feb 2010 10:51:54 +0100
Subject: Add security token to subscription manage page

---
 inc/actions.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'inc/actions.php')

diff --git a/inc/actions.php b/inc/actions.php
index 1fda0584e..b7567bc20 100644
--- a/inc/actions.php
+++ b/inc/actions.php
@@ -571,7 +571,7 @@ function act_subscription($act){
     }
 
     // any action given? if not just return and show the subscription page
-    if(!$params['action']) return $act;
+    if(!$params['action'] || !checkSecurityToken()) return $act;
 
     // Handle POST data, may throw exception.
     trigger_event('ACTION_HANDLE_SUBSCRIBE', $params, 'subscription_handle_post');
-- 
cgit v1.2.3