diff options
author | Frédéric Guillot <fred@kanboard.net> | 2018-01-29 11:31:54 -0800 |
---|---|---|
committer | Frédéric Guillot <fred@kanboard.net> | 2018-01-29 11:31:54 -0800 |
commit | 357316cdf956b83df890b7bc14b772f49159c3df (patch) | |
tree | 3c58dd9e5cfbef64c135bfa662b296489dd89993 /app/Template/config/upload_db.php | |
parent | 573754c450211a57a1c3939d5d0326570f5efa58 (diff) |
Add missing CSRF check in saveUploadDB() method
Diffstat (limited to 'app/Template/config/upload_db.php')
-rw-r--r-- | app/Template/config/upload_db.php | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/app/Template/config/upload_db.php b/app/Template/config/upload_db.php index b247cf75..efc8eb28 100644 --- a/app/Template/config/upload_db.php +++ b/app/Template/config/upload_db.php @@ -8,9 +8,7 @@ </p> </div> -<form action="<?= $this->url->href('ConfigController', 'saveUploadedDb') ?>" method="post" enctype="multipart/form-data"> - <?= $this->form->csrf() ?> - +<form action="<?= $this->url->href('ConfigController', 'saveUploadedDb', [], true) ?>" method="post" enctype="multipart/form-data"> <?= $this->form->label(t('Database file'), 'file') ?> <?= $this->form->file('file') ?> |