CSRF fix

kestasjk · Jul 23, 2021 · 1be618b · 1be618b
1 parent 721dfab
commit 1be618b
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/contactUsDirect.php b/contactUsDirect.php
@@ -58,6 +58,8 @@ class GameResultData
 // Get values from posted contact requests. 
 if(isset($_POST['submit'])) 
 {
+    libAuth::formToken_Valid();
+
     $submitted = true;
     if (isset($_POST['issueType']))
     {
@@ -393,6 +395,7 @@ class GameResultData
     print '<div class = "contactUsShow">';
 
     print '<form action="#" method="post">';
+    print libAuth::formTokenHTML();
     print   '<p><strong>What do you need to contact us about?</strong></p>
             Issue with game(s) <input type="radio" value="gameIssue" onclick="javascript:gameIssueCheck();" name="issueType" id="gameIssue" required> 
             </br>Other issue <input type="radio" value="otherIssue" onclick="javascript:gameIssueCheck();" name="issueType" id="otherIssue">';