authorlpsolit%gmail.com <>2006-10-15 07:02:09 +0200
committerlpsolit%gmail.com <>2006-10-15 07:02:09 +0200
commit93815fc7619567cc962e053280c5ed0b19492feb (patch)
treeffc99d8156c41fbd0d5ab8801324adead2ef4436 /template/en/default/admin/components
parent6fcfcb93eda16108f71b4c96010bae95cde622cd (diff)
Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
Diffstat (limited to 'template/en/default/admin/components')
-rw-r--r--template/en/default/admin/components/confirm-delete.html.tmpl1
-rw-r--r--template/en/default/admin/components/create.html.tmpl2
-rw-r--r--template/en/default/admin/components/edit.html.tmpl1
3 files changed, 3 insertions, 1 deletions
diff --git a/template/en/default/admin/components/confirm-delete.html.tmpl b/template/en/default/admin/components/confirm-delete.html.tmpl
index e7e00636e..1d7553f83 100644
--- a/template/en/default/admin/components/confirm-delete.html.tmpl
+++ b/template/en/default/admin/components/confirm-delete.html.tmpl
@@ -150,6 +150,7 @@
<input type="hidden" name="action" value="delete">
<input type="hidden" name="product" value="[% product.name FILTER html %]">
<input type="hidden" name="component" value="[% comp.name FILTER html %]">
+ <input type="hidden" name="token" value="[% token FILTER html %]">
</form>
[% END %]
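Review bot: The hidden `token` field added before `</form>` only protects the delete if the form is submitted by POST and the handler rejects a missing or mismatched token; neither the `<form>` opening tag nor the server-side check is visible in this hunk. With a GET form the token would end up in the URL, and from there in browser history, proxy and server logs, and the Referer header. The opening tag should read `<form method="post" action="editcomponents.cgi">` (action inferred from the link in edit.html.tmpl). The same check applies to the forms patched in create.html.tmpl and edit.html.tmpl.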
diff --git a/template/en/default/admin/components/create.html.tmpl b/template/en/default/admin/components/create.html.tmpl
index 013ee861e..9b4a19bf0 100644
--- a/template/en/default/admin/components/create.html.tmpl
+++ b/template/en/default/admin/components/create.html.tmpl
@@ -102,7 +102,7 @@
<input type="hidden" name='open_name' value='All Open'>
<input type="hidden" name='nonopen_name' value='All Closed'>
<input type="hidden" name='product' value="[% product.name FILTER html %]">
-
+ <input type="hidden" name="token" value="[% token FILTER html %]">
</form>
[% PROCESS admin/components/footer.html.tmpl %]
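Review bot: All three templates emit the same variable, `[% token FILTER html %]`, so nothing on the template side shows whether the value is tied to the operation being confirmed. If the handler accepts any valid token for the user, a token rendered for this create form would presumably also be accepted for a delete, so the server side should bind each token to the user and the specific action and invalidate it after use. A comment above the field would record that contract, e.g. `[%# token: issued for this action only; verified by the handler before any change %]`. As a style point, the neighbouring fields use single-quoted attributes while the new line uses double quotes.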
diff --git a/template/en/default/admin/components/edit.html.tmpl b/template/en/default/admin/components/edit.html.tmpl
index 6ee3a69fe..81a6e9fc2 100644
--- a/template/en/default/admin/components/edit.html.tmpl
+++ b/template/en/default/admin/components/edit.html.tmpl
@@ -119,6 +119,7 @@
<input type="hidden" name="action" value="update">
<input type="hidden" name="componentold" value="[% comp.name FILTER html %]">
<input type="hidden" name="product" value="[% product.name FILTER html %]">
+ <input type="hidden" name="token" value="[% token FILTER html %]">
<input type="submit" value="Update" id="update"> or <a
href="editcomponents.cgi?action=del&amp;product=
[%- product.name FILTER url_quote %]&amp;component=
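Review bot: The link that follows the Update button still requests `editcomponents.cgi?action=del&...` as a plain GET with no token. That is safe only if `action=del` does nothing but render the confirmation page, and the handler that would show this is outside the diff. It is worth stating that invariant next to the link, e.g. `[%# action=del only displays confirm-delete.html.tmpl; the change itself needs the token-bearing POST %]`, so a later edit does not turn the GET into a state-changing request. The link markup continues past the end of this hunk.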