Bei POST-Anfragen ein Token mitsenden, um CSRF-Angriffe zu verhindern. - openrat-cms - Unnamed repository; edit this file 'description' to name the repository.

commit 5057c94920ca6fcc584c7497736509a9ed323256
parent 463007e91d8f953e16f40ffb538d9b699c0e3764
Author: dankert <devnull@localhost>
Date:   Tue, 23 Feb 2010 22:41:56 +0100

Bei POST-Anfragen ein Token mitsenden, um CSRF-Angriffe zu verhindern.

Diffstat:
themes/default/pages/html/element/name.tpl.php  | 1 +
themes/default/pages/html/element/properties.tpl.php  | 1 +
themes/default/pages/html/element/remove.tpl.php  | 1 +
themes/default/pages/html/element/type.tpl.php  | 1 +
themes/default/pages/html/file/compress.tpl.php  | 1 +
themes/default/pages/html/file/edit.tpl.php  | 1 +
themes/default/pages/html/file/editvalue.tpl.php  | 1 +
themes/default/pages/html/file/extract.tpl.php  | 1 +
themes/default/pages/html/file/prop.tpl.php  | 1 +
themes/default/pages/html/file/pub.tpl.php  | 1 +
themes/default/pages/html/file/remove.tpl.php  | 1 +
themes/default/pages/html/file/size.tpl.php  | 1 +
themes/default/pages/html/file/uncompress.tpl.php  | 1 +
themes/default/pages/html/folder/create.tpl.php  | 1 +
themes/default/pages/html/folder/createfile.tpl.php  | 1 +
themes/default/pages/html/folder/createfolder.tpl.php  | 1 +
themes/default/pages/html/folder/createlink.tpl.php  | 1 +
themes/default/pages/html/folder/createpage.tpl.php  | 1 +
themes/default/pages/html/folder/edit.tpl.php  | 1 +
themes/default/pages/html/folder/prop.tpl.php  | 1 +
themes/default/pages/html/folder/pub.tpl.php  | 1 +
themes/default/pages/html/folder/remove.tpl.php  | 1 +
themes/default/pages/html/folder/select.tpl.php  | 1 +
themes/default/pages/html/group/add.tpl.php  | 1 +
themes/default/pages/html/group/edit.tpl.php  | 1 +
themes/default/pages/html/group/remove.tpl.php  | 1 +
themes/default/pages/html/group/users.tpl.php  | 1 +
themes/default/pages/html/index/changepassword.tpl.php  | 1 +
themes/default/pages/html/index/password.tpl.php  | 1 +
themes/default/pages/html/index/passwordinputcode.tpl.php  | 1 +
themes/default/pages/html/index/projectmenu.tpl.php  | 1 +
themes/default/pages/html/index/register.tpl.php  | 1 +
themes/default/pages/html/index/registeruserdata.tpl.php  | 1 +
themes/default/pages/html/index/showlogin.tpl.php  | 1 +
themes/default/pages/html/language/add.tpl.php  | 1 +
themes/default/pages/html/language/advanced.tpl.php  | 1 +
themes/default/pages/html/language/edit.tpl.php  | 1 +
themes/default/pages/html/language/remove.tpl.php  | 1 +
themes/default/pages/html/link/edit.tpl.php  | 1 +
themes/default/pages/html/link/prop.tpl.php  | 1 +
themes/default/pages/html/mainmenu/show.tpl.php  | 1 +
themes/default/pages/html/model/add.tpl.php  | 1 +
themes/default/pages/html/model/edit.tpl.php  | 1 +
themes/default/pages/html/model/remove.tpl.php  | 1 +
themes/default/pages/html/object/aclform.tpl.php  | 13 +++++++++----
themes/default/pages/html/object/rights.tpl.php  | 1 +
themes/default/pages/html/page/changetemplate.tpl.php  | 1 +
themes/default/pages/html/page/changetemplateselectelements.tpl.php  | 1 +
themes/default/pages/html/page/form.tpl.php  | 1 +
themes/default/pages/html/page/prop.tpl.php  | 1 +
themes/default/pages/html/page/pub.tpl.php  | 1 +
themes/default/pages/html/pageelement/archive.tpl.php  | 1 +
themes/default/pages/html/pageelement/diff.tpl.php  | 1 +
themes/default/pages/html/pageelement/edit.tpl.php  | 1 +
themes/default/pages/html/pageelement/export.tpl.php  | 1 +
themes/default/pages/html/pageelement/import.tpl.php  | 1 +
themes/default/pages/html/pageelement/link.tpl.php  | 1 +
themes/default/pages/html/pageelement/prop.tpl.php  | 1 +
themes/default/pages/html/profile/confirmmail.tpl.php  | 1 +
themes/default/pages/html/profile/edit.tpl.php  | 1 +
themes/default/pages/html/profile/mail.tpl.php  | 1 +
themes/default/pages/html/profile/pwchange.tpl.php  | 1 +
themes/default/pages/html/profile/settings.tpl.php  | 1 +
themes/default/pages/html/project/add.tpl.php  | 1 +
themes/default/pages/html/project/edit.tpl.php  | 1 +
themes/default/pages/html/project/export.tpl.php  | 1 +
themes/default/pages/html/project/maintenance.tpl.php  | 1 +
themes/default/pages/html/project/remove.tpl.php  | 1 +
themes/default/pages/html/search/content.tpl.php  | 1 +
themes/default/pages/html/search/prop.tpl.php  | 1 +
themes/default/pages/html/status/show.tpl.php  | 6 ++++++
themes/default/pages/html/template/add.tpl.php  | 1 +
themes/default/pages/html/template/addel.tpl.php  | 1 +
themes/default/pages/html/template/extension.tpl.php  | 1 +
themes/default/pages/html/template/name.tpl.php  | 1 +
themes/default/pages/html/template/remove.tpl.php  | 1 +
themes/default/pages/html/template/src.tpl.php  | 1 +
themes/default/pages/html/template/srcelement.tpl.php  | 1 +
themes/default/pages/html/user/add.tpl.php  | 1 +
themes/default/pages/html/user/edit.tpl.php  | 1 +
themes/default/pages/html/user/groups.tpl.php  | 1 +
themes/default/pages/html/user/pw.tpl.php  | 1 +
themes/default/pages/html/user/remove.tpl.php  | 1 +

83 files changed, 96 insertions(+), 4 deletions(-)
diff --git a/themes/default/pages/html/element/name.tpl.php b/themes/default/pages/html/element/name.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/element/properties.tpl.php b/themes/default/pages/html/element/properties.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/element/remove.tpl.php b/themes/default/pages/html/element/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/element/type.tpl.php b/themes/default/pages/html/element/type.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/compress.tpl.php b/themes/default/pages/html/file/compress.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/edit.tpl.php b/themes/default/pages/html/file/edit.tpl.php
@@ -52,6 +52,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/editvalue.tpl.php b/themes/default/pages/html/file/editvalue.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/extract.tpl.php b/themes/default/pages/html/file/extract.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/prop.tpl.php b/themes/default/pages/html/file/prop.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/pub.tpl.php b/themes/default/pages/html/file/pub.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/remove.tpl.php b/themes/default/pages/html/file/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/size.tpl.php b/themes/default/pages/html/file/size.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/file/uncompress.tpl.php b/themes/default/pages/html/file/uncompress.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/create.tpl.php b/themes/default/pages/html/folder/create.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/createfile.tpl.php b/themes/default/pages/html/folder/createfile.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/createfolder.tpl.php b/themes/default/pages/html/folder/createfolder.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/createlink.tpl.php b/themes/default/pages/html/folder/createlink.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/createpage.tpl.php b/themes/default/pages/html/folder/createpage.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/edit.tpl.php b/themes/default/pages/html/folder/edit.tpl.php
@@ -52,6 +52,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/prop.tpl.php b/themes/default/pages/html/folder/prop.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/pub.tpl.php b/themes/default/pages/html/folder/pub.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/remove.tpl.php b/themes/default/pages/html/folder/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/folder/select.tpl.php b/themes/default/pages/html/folder/select.tpl.php
@@ -52,6 +52,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/group/add.tpl.php b/themes/default/pages/html/group/add.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/group/edit.tpl.php b/themes/default/pages/html/group/edit.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/group/remove.tpl.php b/themes/default/pages/html/group/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/group/users.tpl.php b/themes/default/pages/html/group/users.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/index/changepassword.tpl.php b/themes/default/pages/html/index/changepassword.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/index/password.tpl.php b/themes/default/pages/html/index/password.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/index/passwordinputcode.tpl.php b/themes/default/pages/html/index/passwordinputcode.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/index/projectmenu.tpl.php b/themes/default/pages/html/index/projectmenu.tpl.php
@@ -250,6 +250,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a6_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a6_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a6_id ?>" /><?php
diff --git a/themes/default/pages/html/index/register.tpl.php b/themes/default/pages/html/index/register.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/index/registeruserdata.tpl.php b/themes/default/pages/html/index/registeruserdata.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/index/showlogin.tpl.php b/themes/default/pages/html/index/showlogin.tpl.php
@@ -52,6 +52,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/language/add.tpl.php b/themes/default/pages/html/language/add.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/language/advanced.tpl.php b/themes/default/pages/html/language/advanced.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/language/edit.tpl.php b/themes/default/pages/html/language/edit.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/language/remove.tpl.php b/themes/default/pages/html/language/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/link/edit.tpl.php b/themes/default/pages/html/link/edit.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/link/prop.tpl.php b/themes/default/pages/html/link/prop.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/mainmenu/show.tpl.php b/themes/default/pages/html/mainmenu/show.tpl.php
@@ -157,6 +157,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a7_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a7_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a7_id ?>" /><?php
diff --git a/themes/default/pages/html/model/add.tpl.php b/themes/default/pages/html/model/add.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/model/edit.tpl.php b/themes/default/pages/html/model/edit.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/model/remove.tpl.php b/themes/default/pages/html/model/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/object/aclform.tpl.php b/themes/default/pages/html/object/aclform.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
@@ -97,6 +98,10 @@
 			echo '&nbsp;&raquo;&nbsp;';
 		}
 		echo '<span class="title">'.langHtml($windowTitle).'</span>';
+		if	( isset($notice_status))
+		{
+			?><img src="<?php echo $image_dir.'notice_'.$notice_status.IMG_ICON_EXT ?>" align="right" /><?php
+		}
 		?>
 		</td>
 		<?php
@@ -142,7 +147,7 @@
   <tr>
     <td align="center" class="notice">
   <?php foreach( $notices as $notice_idx=>$notice ) { ?>
-    	<br><table class="notice" width="80%">
+    	<br><table class="notice">
   <?php if ($notice['name']!='') { ?>
   <tr>
     <th colspan="2"><img src="<?php echo $image_dir.'icon_'.$notice['type'].IMG_ICON_EXT ?>" align="left" /><?php echo $notice['name'] ?>
@@ -199,7 +204,7 @@
 			$a6_tmp_default = $a6_default;
 		else
 			$a6_tmp_default = '';
- ?><input onclick="<?php echo $a6_name.'_'.$a6_value ?>_valueChanged(this);" class="radio" type="radio" id="id_<?php echo $a6_name.'_'.$a6_value ?>"  name="<?php echo $a6_prefix.$a6_name ?>"<?php if ( $a6_readonly ) echo ' disabled="disabled"' ?> value="<?php echo $a6_value ?>" <?php if($a6_value==$a6_tmp_default) echo 'checked="checked"' ?><?php if (in_array($a6_name,$errors)) echo ' style="borderx:2px dashed red; background-color:red;"' ?> />
+ ?><input onclick="" class="radio" type="radio" id="id_<?php echo $a6_name.'_'.$a6_value ?>"  name="<?php echo $a6_prefix.$a6_name ?>"<?php if ( $a6_readonly ) echo ' disabled="disabled"' ?> value="<?php echo $a6_value ?>" <?php if($a6_value==$a6_tmp_default) echo 'checked="checked"' ?><?php if (in_array($a6_name,$errors)) echo ' style="borderx:2px dashed red; background-color:red;"' ?> />
 <?php /* #END-IF# */ ?><?php unset($a6_readonly,$a6_name,$a6_value,$a6_default,$a6_prefix,$a6_suffix,$a6_class,$a6_onchange) ?></td><?php $column_idx++; ?><td
 <?php if (!empty($column_widths)) { ?>
  width="<?php echo $column_widths[($column_idx-1)%count($column_widths)] ?>"
@@ -251,7 +256,7 @@
 			$a6_tmp_default = $a6_default;
 		else
 			$a6_tmp_default = '';
- ?><input onclick="<?php echo $a6_name.'_'.$a6_value ?>_valueChanged(this);" class="radio" type="radio" id="id_<?php echo $a6_name.'_'.$a6_value ?>"  name="<?php echo $a6_prefix.$a6_name ?>"<?php if ( $a6_readonly ) echo ' disabled="disabled"' ?> value="<?php echo $a6_value ?>" <?php if($a6_value==$a6_tmp_default) echo 'checked="checked"' ?><?php if (in_array($a6_name,$errors)) echo ' style="borderx:2px dashed red; background-color:red;"' ?> />
+ ?><input onclick="" class="radio" type="radio" id="id_<?php echo $a6_name.'_'.$a6_value ?>"  name="<?php echo $a6_prefix.$a6_name ?>"<?php if ( $a6_readonly ) echo ' disabled="disabled"' ?> value="<?php echo $a6_value ?>" <?php if($a6_value==$a6_tmp_default) echo 'checked="checked"' ?><?php if (in_array($a6_name,$errors)) echo ' style="borderx:2px dashed red; background-color:red;"' ?> />
 <?php /* #END-IF# */ ?><?php unset($a6_readonly,$a6_name,$a6_value,$a6_default,$a6_prefix,$a6_suffix,$a6_class,$a6_onchange) ?></td><?php $column_idx++; ?><td
 <?php if (!empty($column_widths)) { ?>
  width="<?php echo $column_widths[($column_idx-1)%count($column_widths)] ?>"
@@ -354,7 +359,7 @@ if (count($$a6_list)==1) echo '<input type="hidden" name="'.$a6_name.'" value="'
 			$a7_tmp_default = $a7_default;
 		else
 			$a7_tmp_default = '';
- ?><input onclick="<?php echo $a7_name.'_'.$a7_value ?>_valueChanged(this);" class="radio" type="radio" id="id_<?php echo $a7_name.'_'.$a7_value ?>"  name="<?php echo $a7_prefix.$a7_name ?>"<?php if ( $a7_readonly ) echo ' disabled="disabled"' ?> value="<?php echo $a7_value ?>" <?php if($a7_value==$a7_tmp_default) echo 'checked="checked"' ?><?php if (in_array($a7_name,$errors)) echo ' style="borderx:2px dashed red; background-color:red;"' ?> />
+ ?><input onclick="" class="radio" type="radio" id="id_<?php echo $a7_name.'_'.$a7_value ?>"  name="<?php echo $a7_prefix.$a7_name ?>"<?php if ( $a7_readonly ) echo ' disabled="disabled"' ?> value="<?php echo $a7_value ?>" <?php if($a7_value==$a7_tmp_default) echo 'checked="checked"' ?><?php if (in_array($a7_name,$errors)) echo ' style="borderx:2px dashed red; background-color:red;"' ?> />
 <?php /* #END-IF# */ ?><?php unset($a7_readonly,$a7_name,$a7_value,$a7_default,$a7_prefix,$a7_suffix,$a7_class,$a7_onchange) ?></td><?php $column_idx++; ?><td
 <?php if (!empty($column_widths)) { ?>
  width="<?php echo $column_widths[($column_idx-1)%count($column_widths)] ?>"
diff --git a/themes/default/pages/html/object/rights.tpl.php b/themes/default/pages/html/object/rights.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/page/changetemplate.tpl.php b/themes/default/pages/html/page/changetemplate.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/page/changetemplateselectelements.tpl.php b/themes/default/pages/html/page/changetemplateselectelements.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/page/form.tpl.php b/themes/default/pages/html/page/form.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/page/prop.tpl.php b/themes/default/pages/html/page/prop.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/page/pub.tpl.php b/themes/default/pages/html/page/pub.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/pageelement/archive.tpl.php b/themes/default/pages/html/pageelement/archive.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/pageelement/diff.tpl.php b/themes/default/pages/html/pageelement/diff.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/pageelement/edit.tpl.php b/themes/default/pages/html/pageelement/edit.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/pageelement/export.tpl.php b/themes/default/pages/html/pageelement/export.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/pageelement/import.tpl.php b/themes/default/pages/html/pageelement/import.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/pageelement/link.tpl.php b/themes/default/pages/html/pageelement/link.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/pageelement/prop.tpl.php b/themes/default/pages/html/pageelement/prop.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/profile/confirmmail.tpl.php b/themes/default/pages/html/profile/confirmmail.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/profile/edit.tpl.php b/themes/default/pages/html/profile/edit.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/profile/mail.tpl.php b/themes/default/pages/html/profile/mail.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/profile/pwchange.tpl.php b/themes/default/pages/html/profile/pwchange.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/profile/settings.tpl.php b/themes/default/pages/html/profile/settings.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/project/add.tpl.php b/themes/default/pages/html/project/add.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/project/edit.tpl.php b/themes/default/pages/html/project/edit.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/project/export.tpl.php b/themes/default/pages/html/project/export.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/project/maintenance.tpl.php b/themes/default/pages/html/project/maintenance.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/project/remove.tpl.php b/themes/default/pages/html/project/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/search/content.tpl.php b/themes/default/pages/html/search/content.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/search/prop.tpl.php b/themes/default/pages/html/search/prop.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/status/show.tpl.php b/themes/default/pages/html/status/show.tpl.php
@@ -80,6 +80,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a6_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a6_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a6_id ?>" /><?php
@@ -196,6 +197,7 @@ if (count($$a7_list)==1) echo '<input type="hidden" name="'.$a7_name.'" value="'
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a6_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a6_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a6_id ?>" /><?php
@@ -312,6 +314,7 @@ if (count($$a7_list)==1) echo '<input type="hidden" name="'.$a7_name.'" value="'
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a6_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a6_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a6_id ?>" /><?php
@@ -428,6 +431,7 @@ if (count($$a7_list)==1) echo '<input type="hidden" name="'.$a7_name.'" value="'
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a6_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a6_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a6_id ?>" /><?php
@@ -544,6 +548,7 @@ if (count($$a7_list)==1) echo '<input type="hidden" name="'.$a7_name.'" value="'
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a6_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a6_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a6_id ?>" /><?php
@@ -660,6 +665,7 @@ if (count($$a7_list)==1) echo '<input type="hidden" name="'.$a7_name.'" value="'
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a6_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a6_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a6_id ?>" /><?php
diff --git a/themes/default/pages/html/template/add.tpl.php b/themes/default/pages/html/template/add.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/template/addel.tpl.php b/themes/default/pages/html/template/addel.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/template/extension.tpl.php b/themes/default/pages/html/template/extension.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/template/name.tpl.php b/themes/default/pages/html/template/name.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/template/remove.tpl.php b/themes/default/pages/html/template/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/template/src.tpl.php b/themes/default/pages/html/template/src.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/template/srcelement.tpl.php b/themes/default/pages/html/template/srcelement.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/user/add.tpl.php b/themes/default/pages/html/user/add.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/user/edit.tpl.php b/themes/default/pages/html/user/edit.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/user/groups.tpl.php b/themes/default/pages/html/user/groups.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/user/pw.tpl.php b/themes/default/pages/html/user/pw.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php
diff --git a/themes/default/pages/html/user/remove.tpl.php b/themes/default/pages/html/user/remove.tpl.php
@@ -54,6 +54,7 @@
 <?php if ($this->isEditable() && !$this->isEditMode()) { ?>
 <input type="hidden" name="mode" value="edit" />
 <?php } ?>
+<input type="hidden" name="<?php echo REQ_PARAM_TOKEN ?>" value="<?php echo token() ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ACTION ?>" value="<?php echo $a2_action ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_SUBACTION ?>" value="<?php echo $a2_subaction ?>" />
 <input type="hidden" name="<?php echo REQ_PARAM_ID ?>" value="<?php echo $a2_id ?>" /><?php

	openrat-cms Unnamed repository; edit this file 'description' to name the repository.
	Log \| Files \| Refs

themes/default/pages/html/element/name.tpl.php	\|	1	+
themes/default/pages/html/element/properties.tpl.php	\|	1	+
themes/default/pages/html/element/remove.tpl.php	\|	1	+
themes/default/pages/html/element/type.tpl.php	\|	1	+
themes/default/pages/html/file/compress.tpl.php	\|	1	+
themes/default/pages/html/file/edit.tpl.php	\|	1	+
themes/default/pages/html/file/editvalue.tpl.php	\|	1	+
themes/default/pages/html/file/extract.tpl.php	\|	1	+
themes/default/pages/html/file/prop.tpl.php	\|	1	+
themes/default/pages/html/file/pub.tpl.php	\|	1	+
themes/default/pages/html/file/remove.tpl.php	\|	1	+
themes/default/pages/html/file/size.tpl.php	\|	1	+
themes/default/pages/html/file/uncompress.tpl.php	\|	1	+
themes/default/pages/html/folder/create.tpl.php	\|	1	+
themes/default/pages/html/folder/createfile.tpl.php	\|	1	+
themes/default/pages/html/folder/createfolder.tpl.php	\|	1	+
themes/default/pages/html/folder/createlink.tpl.php	\|	1	+
themes/default/pages/html/folder/createpage.tpl.php	\|	1	+
themes/default/pages/html/folder/edit.tpl.php	\|	1	+
themes/default/pages/html/folder/prop.tpl.php	\|	1	+
themes/default/pages/html/folder/pub.tpl.php	\|	1	+
themes/default/pages/html/folder/remove.tpl.php	\|	1	+
themes/default/pages/html/folder/select.tpl.php	\|	1	+
themes/default/pages/html/group/add.tpl.php	\|	1	+
themes/default/pages/html/group/edit.tpl.php	\|	1	+
themes/default/pages/html/group/remove.tpl.php	\|	1	+
themes/default/pages/html/group/users.tpl.php	\|	1	+
themes/default/pages/html/index/changepassword.tpl.php	\|	1	+
themes/default/pages/html/index/password.tpl.php	\|	1	+
themes/default/pages/html/index/passwordinputcode.tpl.php	\|	1	+
themes/default/pages/html/index/projectmenu.tpl.php	\|	1	+
themes/default/pages/html/index/register.tpl.php	\|	1	+
themes/default/pages/html/index/registeruserdata.tpl.php	\|	1	+
themes/default/pages/html/index/showlogin.tpl.php	\|	1	+
themes/default/pages/html/language/add.tpl.php	\|	1	+
themes/default/pages/html/language/advanced.tpl.php	\|	1	+
themes/default/pages/html/language/edit.tpl.php	\|	1	+
themes/default/pages/html/language/remove.tpl.php	\|	1	+
themes/default/pages/html/link/edit.tpl.php	\|	1	+
themes/default/pages/html/link/prop.tpl.php	\|	1	+
themes/default/pages/html/mainmenu/show.tpl.php	\|	1	+
themes/default/pages/html/model/add.tpl.php	\|	1	+
themes/default/pages/html/model/edit.tpl.php	\|	1	+
themes/default/pages/html/model/remove.tpl.php	\|	1	+
themes/default/pages/html/object/aclform.tpl.php	\|	13	+++++++++----
themes/default/pages/html/object/rights.tpl.php	\|	1	+
themes/default/pages/html/page/changetemplate.tpl.php	\|	1	+
themes/default/pages/html/page/changetemplateselectelements.tpl.php	\|	1	+
themes/default/pages/html/page/form.tpl.php	\|	1	+
themes/default/pages/html/page/prop.tpl.php	\|	1	+
themes/default/pages/html/page/pub.tpl.php	\|	1	+
themes/default/pages/html/pageelement/archive.tpl.php	\|	1	+
themes/default/pages/html/pageelement/diff.tpl.php	\|	1	+
themes/default/pages/html/pageelement/edit.tpl.php	\|	1	+
themes/default/pages/html/pageelement/export.tpl.php	\|	1	+
themes/default/pages/html/pageelement/import.tpl.php	\|	1	+
themes/default/pages/html/pageelement/link.tpl.php	\|	1	+
themes/default/pages/html/pageelement/prop.tpl.php	\|	1	+
themes/default/pages/html/profile/confirmmail.tpl.php	\|	1	+
themes/default/pages/html/profile/edit.tpl.php	\|	1	+
themes/default/pages/html/profile/mail.tpl.php	\|	1	+
themes/default/pages/html/profile/pwchange.tpl.php	\|	1	+
themes/default/pages/html/profile/settings.tpl.php	\|	1	+
themes/default/pages/html/project/add.tpl.php	\|	1	+
themes/default/pages/html/project/edit.tpl.php	\|	1	+
themes/default/pages/html/project/export.tpl.php	\|	1	+
themes/default/pages/html/project/maintenance.tpl.php	\|	1	+
themes/default/pages/html/project/remove.tpl.php	\|	1	+
themes/default/pages/html/search/content.tpl.php	\|	1	+
themes/default/pages/html/search/prop.tpl.php	\|	1	+
themes/default/pages/html/status/show.tpl.php	\|	6	++++++
themes/default/pages/html/template/add.tpl.php	\|	1	+
themes/default/pages/html/template/addel.tpl.php	\|	1	+
themes/default/pages/html/template/extension.tpl.php	\|	1	+
themes/default/pages/html/template/name.tpl.php	\|	1	+
themes/default/pages/html/template/remove.tpl.php	\|	1	+
themes/default/pages/html/template/src.tpl.php	\|	1	+
themes/default/pages/html/template/srcelement.tpl.php	\|	1	+
themes/default/pages/html/user/add.tpl.php	\|	1	+
themes/default/pages/html/user/edit.tpl.php	\|	1	+
themes/default/pages/html/user/groups.tpl.php	\|	1	+
themes/default/pages/html/user/pw.tpl.php	\|	1	+
themes/default/pages/html/user/remove.tpl.php	\|	1	+