oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Automatically add a token to any autogenerated form.

Browse source 
Refactor previous commits to take advantage of that.
This commit is contained in:
Colin Kuskie 2009-07-06 17:20:27 +00:00
parent 5e4db3adb4
commit 02e9354c15
7 changed files with 2 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/WebGUI/Form.pm
View file

@ -95,7 +95,7 @@ sub formFooter {
=head2 formHeader ( session, options )
Returns a form header.
Returns a form header. Also generates a CSRF token for use with the form.
=head3 session
@ -141,7 +141,7 @@ sub formHeader {
my $enctype = (exists $params->{enctype} && $params->{enctype} ne "") ? $params->{enctype} : "multipart/form-data";
# Fix a query string in the action URL
my $hidden;
my $hidden = csrfToken($session);
if ($action =~ /\?/) {
($action, my $query) = split /\?/, $action, 2;
my @params = split /[&;]/, $query;