Changes up to 2.3.7 merged into unstable branch.

[fa-stable.git] / admin / change_current_user_password.php

diff --git a/admin/change_current_user_password.php b/admin/change_current_user_password.php
index 247517a24b86dbf0ff327f10d91238a3fa7d846d..4ed37fb012d1f55c2a13e4e1225179a2263a014b 100644 (file)
--- a/admin/change_current_user_password.php
+++ b/admin/change_current_user_password.php
@@ -47,7 +47,7 @@ function can_process()
        return true;
 }
 
-if (isset($_POST['UPDATE_ITEM']))
+if (isset($_POST['UPDATE_ITEM']) && check_csrf_token())
 {
 
        if (can_process())