Browse code

Falscher CSRF-Schutz

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@610 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on09/08/2007 19:27:59
Showing1 changed files
... ...
@@ -52,7 +52,7 @@ if (isset($_GET['action']))
52 52
       }
53 53
       break;
54 54
     case 'change_pw':
55
-      check_form_token('mysql_databases_change_pw');
55
+      check_form_token('mysql_databases');
56 56
       set_mysql_password($_POST['mysql_username'], $_POST['mysql_password']);
57 57
       header("Location: ?");
58 58
       $output_something = false;
... ...
@@ -67,7 +67,7 @@ $users = get_mysql_accounts($_SESSION['userinfo']['uid']);
67 67
 
68 68
 if (isset($_POST['access']))
69 69
 {
70
-  check_form_token('mysql_databases_access');
70
+  check_form_token('mysql_databases');
71 71
   /* Eine neue Datenbank */
72 72
   if ($_POST['new_db'] != '')
73 73
   {