diff options
| author | Greg Roach <greg@subaqua.co.uk> | 2022-05-19 18:55:20 +0100 |
|---|---|---|
| committer | Greg Roach <greg@subaqua.co.uk> | 2022-05-19 18:55:20 +0100 |
| commit | 81443e3cbe4eef5ccdcf8dae716a7e35f7417b60 (patch) | |
| tree | a45ee07eabbd757aea2940b93c229f637733a2b7 /resources/views/modules/statistics-chart | |
| parent | 3a82224cf6be678ecfe17531decfc315d7163893 (diff) | |
| download | webtrees-81443e3cbe4eef5ccdcf8dae716a7e35f7417b60.tar.gz webtrees-81443e3cbe4eef5ccdcf8dae716a7e35f7417b60.tar.bz2 webtrees-81443e3cbe4eef5ccdcf8dae716a7e35f7417b60.zip | |
Fix: #4389 - move the CSRF token to the end of all forms, so we can detect truncated input variables
Diffstat (limited to 'resources/views/modules/statistics-chart')
| -rw-r--r-- | resources/views/modules/statistics-chart/custom.phtml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/resources/views/modules/statistics-chart/custom.phtml b/resources/views/modules/statistics-chart/custom.phtml index 098515275c..9fd48a3b55 100644 --- a/resources/views/modules/statistics-chart/custom.phtml +++ b/resources/views/modules/statistics-chart/custom.phtml @@ -19,8 +19,6 @@ use Fisharebest\Webtrees\View; </h4> <form method="post" action="<?= e(route('module', ['module' => $module->name(), 'action' => 'CustomChart', 'tree' => $tree->name()])) ?>" id="own-stats-form" class="wt-page-options wt-page-options-statistics"> - <?= csrf_field() ?> - <div class="row mb-3"> <div class="col-sm-2 wt-page-options-label"> <?= I18N::translate('Chart type') ?> @@ -208,6 +206,8 @@ use Fisharebest\Webtrees\View; <?= I18N::translate('show the chart') ?> </button> </p> + + <?= csrf_field() ?> </form> <div id="custom-chart" class="wt-ajax-load"> |
