projects / fms.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
version 0.3.13
[fms.git] / src / http / pages / controlboardpage.cpp
diff --git a/src/http/pages/controlboardpage.cpp b/src/http/pages/controlboardpage.cpp
index 380e3de..5677a91 100644 (file)
--- a/src/http/pages/controlboardpage.cpp
+++ b/src/http/pages/controlboardpage.cpp
@@ -23,7 +23,7 @@ const std::string ControlBoardPage::GeneratePage(const std::string &method, cons
 \r
        if(queryvars.find("formaction")!=queryvars.end())\r
        {\r
-               if((*queryvars.find("formaction")).second=="remove" && queryvars.find("boardid")!=queryvars.end())\r
+               if((*queryvars.find("formaction")).second=="remove" && queryvars.find("boardid")!=queryvars.end() && ValidateFormPassword(queryvars))\r
                {\r
                        int boardid=0;\r
                        StringFunctions::Convert((*queryvars.find("boardid")).second,boardid);\r
@@ -45,7 +45,7 @@ const std::string ControlBoardPage::GeneratePage(const std::string &method, cons
                        st.Step();\r
 \r
                }\r
-               if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && (*queryvars.find("boardname")).second!="")\r
+               if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && (*queryvars.find("boardname")).second!="" && ValidateFormPassword(queryvars))\r
                {\r
                        Poco::DateTime date;\r
                        st=m_db->Prepare("INSERT INTO tblBoard(BoardName,DateAdded) VALUES(?,?);");\r
@@ -90,6 +90,7 @@ const std::string ControlBoardPage::GeneratePage(const std::string &method, cons
                content+="<td>"+changetrustlisttruststr+"</td>\r\n";\r
                content+="<td>";\r
                content+="<form name=\"frmremove\" method=\"POST\">";\r
+               content+=CreateFormPassword();\r
                content+="<input type=\"hidden\" name=\"formaction\" value=\"remove\">";\r
                content+="<input type=\"hidden\" name=\"boardid\" value=\""+boardidstr+"\">";\r
                content+="<input type=\"submit\" value=\"Remove\">";\r
@@ -102,6 +103,7 @@ const std::string ControlBoardPage::GeneratePage(const std::string &method, cons
        content+="<tr>";\r
        content+="<td>";\r
        content+="<form name=\"frmaddboard\" method=\"POST\">";\r
+       content+=CreateFormPassword();\r
        content+="<input type=\"hidden\" name=\"formaction\" value=\"addboard\">";\r
        content+="<input type=\"text\" name=\"boardname\">";\r
        content+="</td>\r\n<td>";\r
Freenet Message System (unofficial Git repository)