add csrf check

This commit is contained in:
slene
2014-03-23 01:44:02 +08:00
parent 01e781dedb
commit 076fc98d98
18 changed files with 208 additions and 46 deletions

View File

@@ -5,7 +5,9 @@
<div id="gogs-user-setting-container" class="col-md-9">
<div id="gogs-setting-pwd">
<h4>Password</h4>
<form class="form-horizontal" id="gogs-password-form" method="post" action="/user/setting/password">{{if .IsSuccess}}
<form class="form-horizontal" id="gogs-password-form" method="post" action="/user/setting/password">
{{.CsrfTokenHtml}}
{{if .IsSuccess}}
<p class="alert alert-success">Password is changed successfully. You can now sign in via new password.</p>{{else if .HasError}}<p class="alert alert-danger form-error">{{.ErrorMsg}}</p>{{end}}
<div class="form-group">
<label class="col-md-3 control-label">Old Password<strong class="text-danger">*</strong></label>