Browse Source

remove id attribute from csrf token field due to obsolescence

and if there's multiple form's on the page it would lead to
multiple elements with the same id which is illegal in html
pull/356/head
glaszig 3 years ago
parent
commit
8f3489cd4a
  1. 2
      includes/functions.php

2
includes/functions.php

@ -70,7 +70,7 @@ function ensureCSRFSessionToken()
function CSRFTokenFieldTag()
{
$token = htmlspecialchars($_SESSION['csrf_token']);
return '<input id="csrf_token" type="hidden" name="csrf_token" value="' . $token . '">';
return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}
/**

Loading…
Cancel
Save