token mod-reportC-edit

Signed-off-by: Suki <[email protected]>

Sources/ReportedPosts.php

@@ -432,6 +432,9 @@ function EditComment()
 
 	if (isset($_REQUEST['save']) && isset($_POST['edit_comment']) && !empty($_POST['mod_comment']))
 	{
+		checkSession('get');
+		validateToken('mod-reportC-edit');
+
 		$edited_comment = trim($smcFunc['htmlspecialchars']($_POST['mod_comment']));
 
 		editModComment($context['comment_id'], $edited_comment);

Themes/default/ReportedPosts.template.php

@@ -309,6 +309,7 @@ function template_edit_comment()
 			<br>';
 
 	echo '
+			<input type="hidden" name="', $context['mod-reportC-edit_token_var'], '" value="', $context['mod-reportC-edit_token'], '">
 			<input type="hidden" name="', $context['session_var'], '" value="', $context['session_id'], '">
 		</form>
 	</div>';