(.*?)#is", $output, $_icsrf_forms);
$_icsrf_fixed = 0;
$_icsrf_norm = 0;
if (is_array($_icsrf_forms[0]))
{
$_icsrf_form_security_token = '';
foreach ($_icsrf_forms[0] as $_icsrf_key => $_icsrf_form_html)
{
if (
preg_match("#method=('|\")?post('|\")?#i", $_icsrf_form_html)
&&
!preg_match("#name=('|\")?securitytoken('|\")?#i", $_icsrf_form_html)
)
{
$_icsrf_new_form_html = str_replace('', $_icsrf_form_security_token . '', $_icsrf_form_html);
$_icsrf_fixed++;
$output = str_replace($_icsrf_form_html, $_icsrf_new_form_html, $output);
}
else
{
$_icsrf_norm++;
}
}
if ($vbulletin->debug)
{
$newdebughtml = str_replace(
"Template Usage:
",
trim("
Inferno CSRF Auto Protection:
- ($_icsrf_norm) CSRF Protected Forms
- ($_icsrf_fixed) CSRF Auto Protected Forms
Template Usage:
"),
$debughtml
);
$output = str_replace($debughtml, $newdebughtml, $output);
}
}
unset($_icsrf_forms, $_icsrf_form_html, $_icsrf_new_form_html, $_icsrf_form_security_token, $_icsrf_key, $newdebughtml);]]>