From e8f9436f31c99f2b1bad2b820caf72f7c7d3c939 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 21 May 2015 05:24:50 -0400
Subject: [PATCH] - fixed csrf protection

---
 interface/web/mailuser/mail_user_password_edit.php |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/interface/web/mailuser/mail_user_password_edit.php b/interface/web/mailuser/mail_user_password_edit.php
index 5bbcedb..07a1925 100644
--- a/interface/web/mailuser/mail_user_password_edit.php
+++ b/interface/web/mailuser/mail_user_password_edit.php
@@ -51,8 +51,9 @@
 class page_action extends tform_actions {
 
 	function onSubmit() {
-
-		$this->id = $_SESSION['s']['user']['mailuser_id'];
+		global $app, $conf;
+		
+		$this->id = $app->functions->intval($_SESSION['s']['user']['mailuser_id']);
 
 		parent::onSubmit();
 

--
Gitblit v1.9.1