From: Tim Hunt <T.J.Hunt@open.ac.uk>
Date: Mon, 2 Nov 2009 17:15:18 +0000 (+0000)
Subject: question bank: MDL-20707 prevent XSRF.
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=81d1f0914d6f821cb9e611999019b9bd373ccfd9;p=moodle.git

question bank: MDL-20707 prevent XSRF.
Uses new require_sesskey function from MDL-20702.
---

diff --git a/question/category.php b/question/category.php
index df43238814..03652e7e48 100644
--- a/question/category.php
+++ b/question/category.php
@@ -47,7 +47,7 @@
 
     $streditingcategories = get_string('editcategories', 'quiz');
     if ($param->left || $param->right || $param->moveup || $param->movedown|| $param->moveupcontext || $param->movedowncontext){
-        confirm_sesskey();
+        require_sesskey();
         foreach ($qcobject->editlists as $list){
             //processing of these actions is handled in the method where appropriate and page redirects.
             $list->process_actions($param->left, $param->right, $param->moveup, $param->movedown,