diff options
Diffstat (limited to 'phpBB/includes/functions_privmsgs.php')
| -rw-r--r-- | phpBB/includes/functions_privmsgs.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index f07512d623..436b437cfa 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -958,6 +958,11 @@ function handle_mark_actions($user_id, $mark_action) { case 'mark_important': + if (!check_form_key('ucp_pm_view')) + { + trigger_error('FORM_INVALID'); + } + $sql = 'UPDATE ' . PRIVMSGS_TO_TABLE . " SET pm_marked = 1 - pm_marked WHERE folder_id = $cur_folder_id |