| /blog/add-post.php |
|---|
| 21,6 → 21,8 |
| if (isset($_POST['post'])) |
| { |
| $page->checkCSRFToken($page->getLoggedInUser()->ID, $_POST['csrftoken']); |
| $title = $_POST['title']; |
| $content = $_POST['content']; |
| $parentID = $_POST['parentID']; |
| 78,6 → 80,7 |
| </tr> |
| <input type="hidden" name="post" value="yes" /> |
| <input type="hidden" name="csrftoken" value="<?php echo $page->getCSRFToken($page->getLoggedInUser()->ID); ?>" /> |
| <?php |
| write('<input type="hidden" name="parentID" value="' . getParentID() . '" />'); |
| /blog/edit-post.php |
|---|
| 28,6 → 28,8 |
| $error = ''; |
| if (isset($_POST['id'])) { |
| $page->checkCSRFToken($page->getLoggedInUser()->ID, $_POST['csrftoken']); |
| $title = $_POST['title']; |
| $content = $_POST['content']; |
| $category = $_POST['category']; |
| 71,8 → 73,9 |
| <?php |
| write('<input type="hidden" name="id" value="' . $id . '" />'); |
| ?> |
| <input type="hidden" name="csrftoken" value=""<?php echo $page->getCSRFToken($page->getLoggedInUser()->ID); ?>" /> |
| <tr> |
| <tr> |
| <td class="bold"></td> |
| <td><input type="submit" value="Edit" /></td> |
| </tr> |