bd2999526e
fixed change pw templates; added csrf token added csrf protection for password reset fixed reset and change pass templates; were missing csrf token (form only tpl)
16 lines
459 B
PHP
16 lines
459 B
PHP
<?php
|
|
|
|
// Make sure we are called from index.php
|
|
if (!defined('SECURITY'))
|
|
die('Hacking attempt');
|
|
|
|
// csrf token
|
|
if ($config['csrf']['enabled'] && $config['csrf']['options']['sitewide']) {
|
|
// we have to use editaccount token because this can be called from 2 places
|
|
$token = $csrftoken->getBasic($user->getCurrentIP(), 'editaccount', 'mdyH');
|
|
$smarty->assign('CTOKEN', $token);
|
|
}
|
|
// Tempalte specifics
|
|
$smarty->assign("CONTENT", "default.tpl");
|
|
?>
|