Testing CSRF from admin login, if works well then we will make it official

2024-10-09 17:13:25 +01:00
parent bd30261e84
commit 99e8b20bb3
2 changed files with 18 additions and 10 deletions
--- a/ui/ui/admin-login.tpl
+++ b/ui/ui/admin-login.tpl
@ -24,6 +24,7 @@
                {$notify}
            {/if}
            <form action="{$_url}admin/post" method="post">
+                <input type="hidden" name="csrf_token" value="{$csrf_token}">
                <div class="form-group has-feedback">
                    <input type="text" required class="form-control" name="username" placeholder="{Lang::T('Username')}">
                    <span class="glyphicon glyphicon-user form-control-feedback"></span>