summaryrefslogtreecommitdiff
path: root/program/steps/settings/save_identity.inc
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps/settings/save_identity.inc')
-rw-r--r--program/steps/settings/save_identity.inc6
1 files changed, 6 insertions, 0 deletions
diff --git a/program/steps/settings/save_identity.inc b/program/steps/settings/save_identity.inc
index 900c2d3d9..86ff263d2 100644
--- a/program/steps/settings/save_identity.inc
+++ b/program/steps/settings/save_identity.inc
@@ -26,6 +26,12 @@ $a_html_cols = array('signature');
$a_boolean_cols = array('standard', 'html_signature');
$updated = $default_id = false;
+// check request token
+if (!$RCMAIL->check_request('save-identity.'.intval(get_input_value('_iid', RCUBE_INPUT_POST)), RCUBE_INPUT_POST)) {
+ $OUTPUT->show_message('invalidrequest', 'error');
+ rcmail_overwrite_action('identities');
+ return;
+}
// check input
if (empty($_POST['_name']) || (empty($_POST['_email']) && IDENTITIES_LEVEL != 1 && IDENTITIES_LEVEL != 3))
{
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-02 06:29:48 +0000