diff options
| author | Thomas Tanghus <thomas@tanghus.net> | 2012-06-14 12:48:09 +0200 |
|---|---|---|
| committer | Thomas Tanghus <thomas@tanghus.net> | 2012-06-14 13:23:12 +0200 |
| commit | 756eb3548fcab5f610bccee50d6581e2a3bcd36c (patch) | |
| tree | bd0685924bf0c4c2af36733438c921acbaa3c22c /apps/contacts | |
| parent | b0ecef02e905972bdd963ba03610e5c025a36e1b (diff) | |
| download | nextcloud-server-756eb3548fcab5f610bccee50d6581e2a3bcd36c.tar.gz nextcloud-server-756eb3548fcab5f610bccee50d6581e2a3bcd36c.zip | |
Use the right csrf token.
Diffstat (limited to 'apps/contacts')
| -rw-r--r-- | apps/contacts/templates/part.cropphoto.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/contacts/templates/part.cropphoto.php b/apps/contacts/templates/part.cropphoto.php index 1e025ef4e0c..1079afc808a 100644 --- a/apps/contacts/templates/part.cropphoto.php +++ b/apps/contacts/templates/part.cropphoto.php @@ -1,7 +1,7 @@ <?php $id = $_['id']; $tmpkey = $_['tmpkey']; -$csrf_token = $_GET['csrf_token']; +$requesttoken = $_['requesttoken']; OCP\Util::writeLog('contacts','templates/part.cropphoto.php: tmpkey: '.$tmpkey, OCP\Util::DEBUG); ?> <script language="Javascript"> @@ -49,7 +49,7 @@ OCP\Util::writeLog('contacts','templates/part.cropphoto.php: tmpkey: '.$tmpkey, action="<?php echo OCP\Util::linkToAbsolute('contacts', 'ajax/savecrop.php'); ?>"> <input type="hidden" id="id" name="id" value="<?php echo $id; ?>" /> - <input type="hidden" name="requesttoken" value="<?php echo $csrf_token; ?>"> + <input type="hidden" name="requesttoken" value="<?php echo $requesttoken; ?>"> <input type="hidden" id="tmpkey" name="tmpkey" value="<?php echo $tmpkey; ?>" /> <fieldset id="coords"> <input type="hidden" id="x1" name="x1" value="" /> |