summaryrefslogtreecommitdiff
path: root/resources/views/edit/reorder-families.phtml
diff options
context:
space:
mode:
authorGreg Roach <greg@subaqua.co.uk>2022-05-19 18:55:20 +0100
committerGreg Roach <greg@subaqua.co.uk>2022-05-19 18:55:20 +0100
commit81443e3cbe4eef5ccdcf8dae716a7e35f7417b60 (patch)
treea45ee07eabbd757aea2940b93c229f637733a2b7 /resources/views/edit/reorder-families.phtml
parent3a82224cf6be678ecfe17531decfc315d7163893 (diff)
downloadwebtrees-81443e3cbe4eef5ccdcf8dae716a7e35f7417b60.tar.gz
webtrees-81443e3cbe4eef5ccdcf8dae716a7e35f7417b60.tar.bz2
webtrees-81443e3cbe4eef5ccdcf8dae716a7e35f7417b60.zip
Fix: #4389 - move the CSRF token to the end of all forms, so we can detect truncated input variables
Diffstat (limited to 'resources/views/edit/reorder-families.phtml')
-rw-r--r--resources/views/edit/reorder-families.phtml4
1 files changed, 2 insertions, 2 deletions
diff --git a/resources/views/edit/reorder-families.phtml b/resources/views/edit/reorder-families.phtml
index 6546bc7962..30b5932961 100644
--- a/resources/views/edit/reorder-families.phtml
+++ b/resources/views/edit/reorder-families.phtml
@@ -23,8 +23,6 @@ use Illuminate\Support\Collection;
<h2 class="wt-page-title"><?= $title ?></h2>
<form method="post" action="<?= e(route(ReorderFamiliesAction::class, ['tree' => $tree->name(), 'xref' => $individual->xref()])) ?>" class="wt-page-content">
- <?= csrf_field() ?>
-
<?php if ($fams_facts->count() < 2) : ?>
<?php foreach ($fams_facts as $fact) : ?>
<input type="hidden" name="order[]" value="<?= e($fact->id()) ?>">
@@ -104,6 +102,8 @@ use Illuminate\Support\Collection;
<?= /* I18N: A button label. */ I18N::translate('cancel') ?>
</a>
</p>
+
+ <?= csrf_field() ?>
</form>
<?php View::push('javascript') ?>