Option::Instance()->Get("FProxyPort",fproxyport);\r
\r
\r
- if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="removefile" && queryvars.find("fileid")!=queryvars.end())\r
+ if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="removefile" && queryvars.find("fileid")!=queryvars.end() && ValidateFormPassword(queryvars))\r
{\r
SQLite3DB::Statement del=m_db->Prepare("DELETE FROM tblFileInserts WHERE FileInsertID=?;");\r
del.Bind(0,(*queryvars.find("fileid")).second);\r
\r
content+="<a href=\"http://"+node+":"+fproxyport+"/"+StringFunctions::UriEncode(key)+"\">"+SanitizeOutput(filename)+"</a> - "+sizestr+" bytes";\r
content+="<form name=\"frmRemove"+insertidstr+"\" method=\"POST\">";\r
+ content+=CreateFormPassword();\r
content+="<input type=\"hidden\" name=\"formaction\" value=\"removefile\">";\r
content+="<input type=\"hidden\" name=\"fileid\" value=\""+insertidstr+"\">";\r
content+="<input type=\"submit\" value=\"Remove\">";\r