Use CSRF token as name and value for contact deletion confirm form

author Hypolite Petovan <hypolite@mrpetovan.com>

Tue, 14 Sep 2021 21:28:42 +0000 (17:28 -0400)

committer Hypolite Petovan <hypolite@mrpetovan.com>

Tue, 14 Sep 2021 21:28:42 +0000 (17:28 -0400)
author Hypolite Petovan <hypolite@mrpetovan.com>
Tue, 14 Sep 2021 21:28:42 +0000 (17:28 -0400)
committer Hypolite Petovan <hypolite@mrpetovan.com>
Tue, 14 Sep 2021 21:28:42 +0000 (17:28 -0400)
diff --git a/src/Module/Contact.php b/src/Module/Contact.php

index 2b17deab40df98e1887be7e381cd2455d10a1cd4..ceb2b6757c3fd2329a28ec898af6e98b462b4762 100644 (file)
--- a/src/Module/Contact.php
+++ b/src/Module/Contact.php
@@ -432,7 +432,8 @@ class Contact extends BaseModule
                                                 '$message' => DI::l10n()->t('Do you really want to delete this contact?'),
                                                 '$confirm' => DI::l10n()->t('Yes'),
                                                 '$confirm_url' => DI::args()->getCommand(),
-                                               '$confirm_name' => 'confirmed',
+                                               '$confirm_name' => 't',
+                                               '$confirm_value' => BaseModule::getFormSecurityToken('contact_action'),
                                                 '$cancel' => DI::l10n()->t('Cancel'),
                                         ]);
                                 }
author	Hypolite Petovan <hypolite@mrpetovan.com>
	Tue, 14 Sep 2021 21:28:42 +0000 (17:28 -0400)
committer	Hypolite Petovan <hypolite@mrpetovan.com>
	Tue, 14 Sep 2021 21:28:42 +0000 (17:28 -0400)