CSRF-Protection in the group-related form (creating, renaming and dropping a group...

[friendica.git] / include / security.php

diff --git a/include/security.php b/include/security.php
index 6ea515bffe41ff907b5bffb7ee1d237b0bc397f5..45473445a7e43b17c33861b8b8819550a00cdf22 100755 (executable)
--- a/include/security.php
+++ b/include/security.php
@@ -334,3 +334,9 @@ function check_form_security_token_redirectOnErr($err_redirect, $typename = "",
                goaway($a->get_baseurl() . $err_redirect );
        }
 }
+function check_form_security_token_ForbiddenOnErr($typename = "", $formname = 'form_security_token') {
+       if (!check_form_security_token($typename, $formname)) {
+               header('HTTP/1.1 403 Forbidden');
+               killme();
+       }
+}
\ No newline at end of file