Add CSRF protection

Signed-off-by: Florian Pritz <bluewind@xinu.at>

2 files changed, 4 insertions, 4 deletions

diff --git a/application/views/file/client.php b/application/views/file/client.php
index 5e141f141..29e254a80 100644
--- a/application/views/file/client.php
+++ b/application/views/file/client.php
@@ -42,7 +42,7 @@ machine <?php echo $domain; ?> login my_username password my_secret_password
 <h1>Shell</h1>
 
 <pre>
-curl -n -F "file=@/home/user/foo" <?php echo site_url(); ?>   (binary safe)
-cat file | curl -n -F "file=@-;filename=stdin" <?php echo site_url(); ?>   (binary safe)
+curl -n -F "file=@/home/user/foo" <?php echo site_url("file/do_upload"); ?>   (binary safe)
+cat file | curl -n -F "file=@-;filename=stdin" <?php echo site_url("file/do_upload"); ?>   (binary safe)
 </pre>
 
diff --git a/application/views/file_plaintext/client.php b/application/views/file_plaintext/client.php
index b37fd81bd..0ab556df2 100644
--- a/application/views/file_plaintext/client.php
+++ b/application/views/file_plaintext/client.php
@@ -1,6 +1,6 @@
 Shell (binary safe):
-  curl -n -F "file=@/home/user/foo" <?php echo site_url()."\n"; ?>
-  cat file | curl -n -F "file=@-;filename=stdin" <?php echo site_url()."\n"; ?>
+  curl -n -F "file=@/home/user/foo" <?php echo site_url("file/do_upload")."\n"; ?>
+  cat file | curl -n -F "file=@-;filename=stdin" <?php echo site_url("file/do_upload")."\n"; ?>
 
 Client:
 Development (git): http://git.server-speed.net/users/flo/fb