Congegni
/
sintonia
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SAAS-882 - Switch edit user page to use new-style csrf generation

This commit is contained in:
Duncan Sommerville 2015-06-26 10:45:26 -04:00
parent 79f51f77cb
commit 6b9899d11c
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
airtime_mvc/application/forms/EditUser.php
View File

@ -23,9 +23,10 @@ class Application_Form_EditUser extends Zend_Form
array('ViewScript', array('viewScript' => 'form/edit-user.phtml', "currentUser" => $currentUser->getLogin()))));
$this->setAttrib('id', 'current-user-form');
$this->addElement('hash', 'csrf', array(
'salt' => 'unique'
));
$csrf_namespace = new Zend_Session_Namespace('csrf_namespace');
$csrf_element = new Zend_Form_Element_Hidden('csrf');
$csrf_element->setValue($csrf_namespace->authtoken)->setRequired('true')->removeDecorator('HtmlTag')->removeDecorator('Label');
$this->addElement($csrf_element);
$hidden = new Zend_Form_Element_Hidden('cu_user_id');
$hidden->setDecorators(array('ViewHelper'));