Diffstat (limited to 'app/views/helpers')
| -rw-r--r-- | app/views/helpers/feed/update.phtml | 1 | ||||
| -rw-r--r-- | app/views/helpers/javascript_vars.phtml | 3 | ||||
| -rwxr-xr-x | app/views/helpers/logs_pagination.phtml | 2 | ||||
| -rwxr-xr-x | app/views/helpers/pagination.phtml | 7 |
4 files changed, 8 insertions, 5 deletions
diff --git a/app/views/helpers/feed/update.phtml b/app/views/helpers/feed/update.phtml index 72084d8fa..b7e8f68cd 100644 --- a/app/views/helpers/feed/update.phtml +++ b/app/views/helpers/feed/update.phtml @@ -18,6 +18,7 @@ <?php } ?> <form method="post" action="<?php echo _url('subscription', 'feed', 'id', $this->feed->id()); ?>" autocomplete="off"> + <input type="hidden" name="_csrf" value="<?php echo FreshRSS_Auth::csrfToken(); ?>" /> <legend><?php echo _t('sub.feed.informations'); ?></legend> <div class="form-group"> <label class="group-name" for="name"><?php echo _t('sub.feed.title'); ?></label> diff --git a/app/views/helpers/javascript_vars.phtml b/app/views/helpers/javascript_vars.phtml index 6178cacf2..745baa195 100644 --- a/app/views/helpers/javascript_vars.phtml +++ b/app/views/helpers/javascript_vars.phtml @@ -1,6 +1,5 @@ <?php $mark = FreshRSS_Context::$user_conf->mark_when; -$mail = Minz_Session::param('mail', false); $s = FreshRSS_Context::$user_conf->shortcuts; echo htmlspecialchars(json_encode(array( 'context' => array( @@ -16,8 +15,8 @@ echo htmlspecialchars(json_encode(array( 'sticky_post' => !!FreshRSS_Context::isStickyPostEnabled(), 'html5_notif_timeout' => FreshRSS_Context::$user_conf->html5_notif_timeout, 'auth_type' => FreshRSS_Context::$system_conf->auth_type, - 'current_user_mail' => $mail ? ('"' . $mail . '"') : null, 'current_view' => Minz_Request::actionName(), + 'csrf' => FreshRSS_Auth::csrfToken(), ), 'shortcuts' => array( 'mark_read' => @$s['mark_read'], diff --git a/app/views/helpers/logs_pagination.phtml b/app/views/helpers/logs_pagination.phtml index 58b3c68f4..bf9d91f04 100755 --- a/app/views/helpers/logs_pagination.phtml +++ b/app/views/helpers/logs_pagination.phtml @@ -1,7 +1,7 @@ <?php $c = Minz_Request::controllerName(); $a = Minz_Request::actionName(); - $params = Minz_Request::params(); + $params = Minz_Request::fetchGET(); ?> <?php if ($this->nbPage > 1) { ?> 
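Review bot: In app/views/helpers/feed/update.phtml the added `_csrf` input echoes `FreshRSS_Auth::csrfToken()` into a double-quoted attribute without escaping, and the same line is added in app/views/helpers/pagination.phtml. The body of csrfToken() is not part of this diff, so unless its output is guaranteed to be attribute-safe (hex or similar), write `value="<?php echo htmlspecialchars(FreshRSS_Auth::csrfToken(), ENT_QUOTES, 'UTF-8'); ?>"`. The field only protects anything if the POST handler rejects a missing or mismatched `_csrf`. That check is outside the files shown (the diffstat is limited to app/views/helpers) and should be confirmed on the controller side. The form continues past the end of the hunk.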
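Review bot: In the second hunk of app/views/helpers/javascript_vars.phtml the new `'csrf'` entry puts the anti-CSRF token into the variables block that is serialised into the page, with no comment on what it is for. Pages carrying this block should not be stored by shared caches, and the token is readable by any script running in the page, so it adds nothing once script injection is possible. The response headers and content sanitisation are not visible here. Suggest a comment above the line such as `// Anti-CSRF token for scripted POSTs; pages embedding it must not be cached by shared caches`. The enclosing array starts before and ends after the hunk.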
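Review bot: The switch to `Minz_Request::fetchGET()` in app/views/helpers/logs_pagination.phtml has no comment explaining why only query-string parameters are wanted. Presumably it keeps POST fields, including the new `_csrf` value, out of the pagination links, where they would leak into URLs, browser history and Referer headers. If that is the intent, record it: `// GET parameters only: POST fields such as _csrf must never be copied into link URLs`. `$params` is still request-controlled and is used below the hunk, so the link-building code there must encode it on output; that code is not visible here.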
diff --git a/app/views/helpers/pagination.phtml b/app/views/helpers/pagination.phtml index 7eca8c525..20957fc67 100755 --- a/app/views/helpers/pagination.phtml +++ b/app/views/helpers/pagination.phtml @@ -10,12 +10,14 @@ 'get' => FreshRSS_Context::currentGet(), 'nextGet' => FreshRSS_Context::$next_get, 'idMax' => FreshRSS_Context::$id_max, + 'search' => FreshRSS_Context::$search, + 'state' => FreshRSS_Context::$state, ) ); ?> -<form id="mark-read-pagination" method="post" aria-hidden="true"></form> - +<form id="mark-read-pagination" method="post"> +<input type="hidden" name="_csrf" value="<?php echo FreshRSS_Auth::csrfToken(); ?>" /> <ul class="pagination"> <li class="item pager-next"> <?php if (FreshRSS_Context::$next_id) { ?> @@ -39,3 +41,4 @@ <?php } ?> </li> </ul> +</form> |
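Review bot: The added `'search' => FreshRSS_Context::$search` and `'state' => FreshRSS_Context::$state` entries in the first hunk of app/views/helpers/pagination.phtml put what look like request-derived values into the parameters of the mark-as-read action. The array is opened before the hunk and consumed outside it, so check that whatever turns it into a URL both URL-encodes and HTML-escapes the search string. A short comment would also record why the two keys are there, e.g. `// Scope the mark-as-read action to the current search and state filters`. The `<form>` opened in this hunk is only closed by the `+</form>` in the following hunk.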
