From: Hypolite Petovan <hypolite@mrpetovan.com>
Date: Tue, 14 Sep 2021 21:28:42 +0000 (-0400)
Subject: Use CSRF token as name and value for contact deletion confirm form
X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=44ec4de14cc6dc3b27bd98ceec1c2705d45fc77a;p=friendica.git

Use CSRF token as name and value for contact deletion confirm form
---

diff --git a/src/Module/Contact.php b/src/Module/Contact.php
index 2b17deab40..ceb2b6757c 100644
--- a/src/Module/Contact.php
+++ b/src/Module/Contact.php
@@ -432,7 +432,8 @@ class Contact extends BaseModule
 						'$message' => DI::l10n()->t('Do you really want to delete this contact?'),
 						'$confirm' => DI::l10n()->t('Yes'),
 						'$confirm_url' => DI::args()->getCommand(),
-						'$confirm_name' => 'confirmed',
+						'$confirm_name' => 't',
+						'$confirm_value' => BaseModule::getFormSecurityToken('contact_action'),
 						'$cancel' => DI::l10n()->t('Cancel'),
 					]);
 				}