Files
TravianZ/Admin/Templates
Ferywir 6472b30bd2 fix(admin): verify CSRF token in message admin Mods [#139] (#264)
sendMessage, massmessage and sysmessage are POSTed to directly, bypassing
admin.php's central csrf_verify(). Add csrf_verify() (after the admin access
check, via the shared GameEngine/Admin/csrf.php) and csrf_field() in their
forms (Newmessage.tpl, massmessage.tpl, sysmessage.tpl; the mass/sys templates
have both a prepare and an execute form).

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 11:49:32 +03:00
..
2026-05-25 10:23:39 +03:00
2017-08-28 17:31:55 +02:00
2025-02-11 11:22:22 +02:00
2026-06-04 15:14:35 +03:00
2026-05-25 10:23:39 +03:00
2026-06-23 10:30:16 +03:00
2026-06-05 12:51:34 +03:00
2026-06-04 13:39:59 +03:00
2026-06-22 15:19:05 +03:00
2026-06-09 08:04:17 +03:00
2026-05-25 10:23:39 +03:00
2026-05-25 10:23:39 +03:00
2026-05-25 10:23:39 +03:00
2026-05-26 12:34:50 +03:00
2026-05-25 10:23:39 +03:00
2026-06-05 12:30:13 +03:00
2026-05-25 10:23:39 +03:00
2026-06-23 09:09:21 +03:00
2026-06-05 12:30:13 +03:00
2026-05-25 10:23:39 +03:00
2025-02-11 11:22:22 +02:00
2026-05-25 10:23:39 +03:00
2026-05-25 10:23:39 +03:00
2026-06-23 09:09:21 +03:00
2026-05-25 10:23:39 +03:00
2026-06-02 13:16:44 +03:00
2026-05-25 10:23:39 +03:00
2026-06-04 12:35:53 +03:00
2026-05-25 10:23:39 +03:00
2026-06-05 12:30:13 +03:00
2026-06-22 10:41:25 +03:00
2026-05-25 10:23:39 +03:00
2026-06-22 10:41:25 +03:00
2026-06-02 11:35:35 +03:00
2026-06-05 12:54:48 +03:00
2026-06-05 12:30:13 +03:00
2026-06-05 12:30:13 +03:00
2026-06-05 12:30:13 +03:00
2026-06-22 10:41:25 +03:00
2026-05-25 10:23:39 +03:00
2026-05-25 10:23:39 +03:00
2026-05-25 10:23:39 +03:00
2026-05-25 10:23:39 +03:00
2026-05-25 10:23:39 +03:00
2026-06-05 12:30:13 +03:00