X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fplwizard.php;h=fecf881c688d22aee10cd3a004f25f3e00409507;hb=06df222b7962dd5b71b34ec1dd078276d7327dbc;hp=36672681177b0709faa0033849b18ed6c6fb8ef1;hpb=d0327f6de73e81c4bcc656471ca4161e4f1e1e1b;p=platal.git

diff --git a/classes/plwizard.php b/classes/plwizard.php
index 3667268..fecf881 100644
--- a/classes/plwizard.php
+++ b/classes/plwizard.php
@@ -151,6 +151,8 @@ class PlWizard
 
         // Process the previous page
         if (Post::has('valid_page')) {
+            S::assert_xsrf_token();
+
             $page = $this->getPage(Post::i('valid_page'));
             $curpage = Post::i('valid_page');
             $next = $page->process();