error("Only the admin can use this page");
}
+ if (!confirm_sesskey()) {
+ error(get_string('confirmsesskeybad', 'error'));
+ }
/// If data submitted, then process and store.
notify("Problem saving config $name as $value");
}
}
- redirect("auth.php", get_string("changessaved"), 1);
+ redirect("auth.php?sesskey=$USER->sesskey", get_string("changessaved"), 1);
exit;
} else {
echo "<center><p><b>";
echo "<form target=\"{$CFG->framename}\" name=\"authmenu\" method=\"post\" action=\"auth.php\">";
+ echo "<input type=\"hidden\" name=\"sesskey\" value=\"".$USER->sesskey."\">";
print_string("chooseauthmethod","auth");
- choose_from_menu ($options, "auth", $auth, "","document.location='auth.php?auth='+document.authmenu.auth.options[document.authmenu.auth.selectedIndex].value", "");
+ choose_from_menu ($options, "auth", $auth, "","document.location='auth.php?sesskey=$USER->sesskey&auth='+document.authmenu.auth.options[document.authmenu.auth.selectedIndex].value", "");
echo "</b></p></center>";
$configdata);
- $userdata = "<font size=+1> </font><a href=\"auth.php\">".get_string("authentication")."</a> - <font size=\"1\">".
+ $userdata = "<font size=+1> </font><a href=\"auth.php?sesskey=$USER->sesskey\">".get_string("authentication")."</a> - <font size=\"1\">".
get_string("adminhelpauthentication")."</font><br />";
$userdata .= "<font size=+1> </font><a href=\"user.php\">".get_string("edituser")."</a> - <font size=\"1\">".
get_string("adminhelpedituser")."</font><br />";
$table->align = array ("right", "left");
- $table->data[] = array("<b><a href=\"auth.php\">".get_string("authentication")."</a></b>",
+ $table->data[] = array("<b><a href=\"auth.php?sesskey=$USER->sesskey\">".get_string("authentication")."</a></b>",
get_string("adminhelpauthentication"));
$table->data[] = array("<b><a href=\"user.php\">".get_string("edituser")."</a></b>",
projects / moodle.git / commitdiff