X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fplwizard.php;h=ab3dbcab2d89a05926596f4a150bb608e6e6deac;hb=37c45da5e78e9cd0660ec825447ea117830bf28e;hp=e12eec7f45c608c087a92152575255df406d307a;hpb=36f472dc1d8abe2ac18079b04cf8b6a2e10522be;p=platal.git

diff --git a/classes/plwizard.php b/classes/plwizard.php
index e12eec7..ab3dbca 100644
--- a/classes/plwizard.php
+++ b/classes/plwizard.php
@@ -151,6 +151,8 @@ class PlWizard
 
         // Process the previous page
         if (Post::has('valid_page')) {
+            S::assert_xsrf_token();
+
             $page = $this->getPage(Post::i('valid_page'));
             $curpage = Post::i('valid_page');
             $next = $page->process();