X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fplatal.php;h=f2d4d96b684086cdc66448976829e7c977d71c6d;hb=c700d16b2402b1d246383097f6f22f716e294eaf;hp=0fb4c19b04797e9d44227fcce3c5cd6099597b55;hpb=f5c4bf30937c75b077ce4941a7c66019cc781a67;p=platal.git

diff --git a/modules/platal.php b/modules/platal.php
index 0fb4c19..f2d4d96 100644
--- a/modules/platal.php
+++ b/modules/platal.php
@@ -189,6 +189,7 @@ class PlatalModule extends PLModule
 
         if (Post::has('response2'))  {
             require_once 'secure_hash.inc.php';
+            S::assert_xsrf_token();
 
             $_SESSION['password'] = $password = Post::v('response2');