diff options
author | Evan Prodromou <evan@prodromou.name> | 2008-08-30 12:22:23 -0400 |
---|---|---|
committer | Evan Prodromou <evan@prodromou.name> | 2008-08-30 12:22:23 -0400 |
commit | 75f285ddf6decb4f8c3b1b87d29d9b12f833e9fc (patch) | |
tree | d3f9fe7213d55cddfbb68346d6bef69e6c7c023f /actions/register.php | |
parent | b2653f007a423d6d517e0b6519bfc920146b3d1e (diff) |
merge in changes for CSRF, too
darcs-hash:20080830162223-84dde-573e490dc4fde68512ea4ec28599019d2740cfcf.gz
Diffstat (limited to 'actions/register.php')
-rw-r--r-- | actions/register.php | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/actions/register.php b/actions/register.php index 9a871dd53..2ca86ddf5 100644 --- a/actions/register.php +++ b/actions/register.php @@ -36,7 +36,7 @@ class RegisterAction extends Action { } function try_register() { - + $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->show_form(_('There was a problem with your session token. Try again, please.')); @@ -153,6 +153,15 @@ class RegisterAction extends Action { common_element_start('form', array('method' => 'post', 'id' => 'login', 'action' => common_local_url('register'))); + + common_hidden('token', common_session_token()); + + if ($this->trimmed('code')) { + $code = ($this->trimmed('code')); + $invite = Invitation::staticGet($code); + common_hidden('code', $code); + } + common_input('nickname', _('Nickname'), $this->trimmed('nickname'), _('1-64 lowercase letters or numbers, no punctuation or spaces. Required.')); common_password('password', _('Password'), |