Adds XSRF protection to the Profile module.

[platal.git] / templates / profile / trombino.tpl

diff --git a/templates/profile/trombino.tpl b/templates/profile/trombino.tpl
index 3b23f6b..877b2fc 100644 (file)
--- a/templates/profile/trombino.tpl
+++ b/templates/profile/trombino.tpl
@@ -24,6 +24,7 @@
 <h1>Trombinoscope</h1>
 
 <form enctype="multipart/form-data" action="photo/change" method="post">
+  {xsrf_token_field}
   {if ($session.promo ge 1995) || ($session.promo le 2002)}
   <p>
   Si tu n'as pas encore fourni de photo, c'est celle du trombinoscope de l'X qui est