Use CSRF token as name and value for contact deletion confirm form

This commit is contained in:
Hypolite Petovan 2021-09-14 17:28:42 -04:00
parent 06b8f93eae
commit 44ec4de14c

View File

@ -432,7 +432,8 @@ class Contact extends BaseModule
'$message' => DI::l10n()->t('Do you really want to delete this contact?'),
'$confirm' => DI::l10n()->t('Yes'),
'$confirm_url' => DI::args()->getCommand(),
'$confirm_name' => 'confirmed',
'$confirm_name' => 't',
'$confirm_value' => BaseModule::getFormSecurityToken('contact_action'),
'$cancel' => DI::l10n()->t('Cancel'),
]);
}