aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/picture_comment.inc.php3
-rw-r--r--picture.php2
2 files changed, 4 insertions, 1 deletions
diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php
index 73b245b6b..af14cb050 100644
--- a/include/picture_comment.inc.php
+++ b/include/picture_comment.inc.php
@@ -149,7 +149,8 @@ SELECT id,author,date,image_id,content
$url_self,
array(
'action'=>'delete_comment',
- 'comment_to_delete'=>$row['id']
+ 'comment_to_delete'=>$row['id'],
+ 'pwg_token'=>get_pwg_token(),
)
);
}
diff --git a/picture.php b/picture.php
index 28e11e3e3..3b4753587 100644
--- a/picture.php
+++ b/picture.php
@@ -309,6 +309,8 @@ UPDATE '.CATEGORIES_TABLE.'
}
case 'delete_comment' :
{
+ check_pwg_token();
+
if (isset($_GET['comment_to_delete'])
and is_numeric($_GET['comment_to_delete'])
and is_admin() and !is_adviser() )