summaryrefslogtreecommitdiffstats
path: root/template/en/default/admin/custom_fields
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2006-10-15 07:02:09 +0200
committerlpsolit%gmail.com <>2006-10-15 07:02:09 +0200
commit93815fc7619567cc962e053280c5ed0b19492feb (patch)
treeffc99d8156c41fbd0d5ab8801324adead2ef4436 /template/en/default/admin/custom_fields
parent6fcfcb93eda16108f71b4c96010bae95cde622cd (diff)
downloadbugzilla-93815fc7619567cc962e053280c5ed0b19492feb.tar.gz
bugzilla-93815fc7619567cc962e053280c5ed0b19492feb.tar.xz
Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
Diffstat (limited to 'template/en/default/admin/custom_fields')
-rw-r--r--template/en/default/admin/custom_fields/create.html.tmpl1
-rw-r--r--template/en/default/admin/custom_fields/edit.html.tmpl1
2 files changed, 2 insertions, 0 deletions
diff --git a/template/en/default/admin/custom_fields/create.html.tmpl b/template/en/default/admin/custom_fields/create.html.tmpl
index e8b66deca..995c4d0a9 100644
--- a/template/en/default/admin/custom_fields/create.html.tmpl
+++ b/template/en/default/admin/custom_fields/create.html.tmpl
@@ -102,6 +102,7 @@
</table>
<br>
<input type="hidden" name="action" value="new">
+ <input type="hidden" name="token" value="[% token FILTER html %]">
<input type="submit" id="create" value="Create">
</form>
diff --git a/template/en/default/admin/custom_fields/edit.html.tmpl b/template/en/default/admin/custom_fields/edit.html.tmpl
index 6ffa3d89d..2165ac323 100644
--- a/template/en/default/admin/custom_fields/edit.html.tmpl
+++ b/template/en/default/admin/custom_fields/edit.html.tmpl
@@ -98,6 +98,7 @@
<br>
<input type="hidden" name="action" value="update">
<input type="hidden" name="name" value="[% field.name FILTER html %]">
+ <input type="hidden" name="token" value="[% token FILTER html %]">
<input type="submit" id="edit" value="Submit">
</form>