ifl/iflrandevu
1
1
Fork 0
forked from mirrors/easyappointments
Code Issues 6 Pull requests Releases 3 Activity

CSRF protection for appointment book

Browse source
This commit is contained in:
Alex Tselegidis 2015-05-27 23:26:36 +02:00
parent 101097886b
commit f223ffa343
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/application/views/appointments/book.php
View file

@ -374,6 +374,7 @@
: $this->lang->line('update'); : $this->lang->line('update');
?> ?>
</button> </button>
<input type="hidden" name="csrfToken" />
<input type="hidden" name="post_data" /> <input type="hidden" name="post_data" />
</form> </form>
</div> </div>

2
src/assets/js/frontend_book.js
View file

@ -481,7 +481,7 @@ var FrontendBook = {
postData['appointment']['id'] = GlobalVariables.appointmentData['id']; postData['appointment']['id'] = GlobalVariables.appointmentData['id'];
postData['customer']['id'] = GlobalVariables.customerData['id']; postData['customer']['id'] = GlobalVariables.customerData['id'];
} }
$('input[name="csrfToken"]').val(GlobalVariables.csrfToken);
$('input[name="post_data"]').val(JSON.stringify(postData)); $('input[name="post_data"]').val(JSON.stringify(postData));
}, },