diff options
| author | Frederic Guillot <fred@kanboard.net> | 2017-09-23 20:56:54 -0700 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2017-09-23 20:56:54 -0700 |
| commit | 3e0f14ae2b0b5a44bd038a472f17eac75f538524 (patch) | |
| tree | 031247eca17a7a3d1d73490f5c10b12cbe9caadb /app/Template/comment/edit.php | |
| parent | 074f6c104f3e49401ef0065540338fc2d4be79f0 (diff) | |
Do not expose IDs in forms
Diffstat (limited to 'app/Template/comment/edit.php')
| -rw-r--r-- | app/Template/comment/edit.php | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/app/Template/comment/edit.php b/app/Template/comment/edit.php index 04f6ffd4..db8d2921 100644 --- a/app/Template/comment/edit.php +++ b/app/Template/comment/edit.php @@ -4,9 +4,6 @@ <form method="post" action="<?= $this->url->href('CommentController', 'update', array('task_id' => $task['id'], 'project_id' => $task['project_id'], 'comment_id' => $comment['id'])) ?>" autocomplete="off"> <?= $this->form->csrf() ?> - <?= $this->form->hidden('id', $values) ?> - <?= $this->form->hidden('task_id', $values) ?> - <?= $this->form->hidden('user_id', $values) ?> <?= $this->form->textEditor('comment', $values, $errors, array('autofocus' => true, 'required' => true)) ?> |