From 53e799ec7ca60eb2a9b54cc0a82672645fedc094 Mon Sep 17 00:00:00 2001
From: Webslice <4052-webslice@users.noreply.git.ispconfig.org>
Date: Mon, 2 Mar 2020 10:19:16 +0100
Subject: [PATCH] Add CSRF key and token to FAQ delete links

---
 interface/web/help/templates/faq_manage_questions_list.htm | 2 +-
 interface/web/help/templates/help_faq_sections_list.htm    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/interface/web/help/templates/faq_manage_questions_list.htm b/interface/web/help/templates/faq_manage_questions_list.htm
index a29d0f06d0..9b54e7d4ff 100644
--- a/interface/web/help/templates/faq_manage_questions_list.htm
+++ b/interface/web/help/templates/faq_manage_questions_list.htm
@@ -24,7 +24,7 @@
                         <td width="60%">{tmpl_var name='hf_question'}</td>
                         <td width="30%">{tmpl_var name='hf_section'}</td>
                         <td class="text-right" width="5%">
-                            <a class="btn btn-default formbutton-danger formbutton-narrow" href="javascript: ISPConfig.confirm_action('help/faq_delete.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span class="icon icon-delete"></span></a>
+                            <a class="btn btn-default formbutton-danger formbutton-narrow" href="javascript: ISPConfig.confirm_action('help/faq_delete.php?id={tmpl_var name='id'}&_csrf_id={tmpl_var name='csrf_id'}&_csrf_key={tmpl_var name='csrf_key'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span class="icon icon-delete"></span></a>
                         </td>
                         <td class="text-right" width="5%">
                             <a class="btn btn-default formbutton-default formbutton-narrow" data-load-content="help/faq_edit.php?id={tmpl_var name='id'}"><span class="icon icon-edit"></span></a>
diff --git a/interface/web/help/templates/help_faq_sections_list.htm b/interface/web/help/templates/help_faq_sections_list.htm
index 5a3733aa0b..1d0ef16443 100644
--- a/interface/web/help/templates/help_faq_sections_list.htm
+++ b/interface/web/help/templates/help_faq_sections_list.htm
@@ -26,7 +26,7 @@
                     <tr>
                         <td><b>{tmpl_var name='hfs_name'}</b></td>
                         <td class="text-right">
-                            <a class="btn btn-default formbutton-danger formbutton-narrow" href="javascript: ISPConfig.confirm_action('help/faq_sections_delete.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span class="icon icon-delete"></span></a>
+                            <a class="btn btn-default formbutton-danger formbutton-narrow" href="javascript: ISPConfig.confirm_action('help/faq_sections_delete.php?id={tmpl_var name='id'}&_csrf_id={tmpl_var name='csrf_id'}&_csrf_key={tmpl_var name='csrf_key'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span class="icon icon-delete"></span></a>
                         </td>
                         <td class="text-right">
                             <a class="btn btn-default formbutton-default formbutton-narrow" data-load-content="help/faq_sections_edit.php?id={tmpl_var name='id'}"><span class="icon icon-edit"></span></a>
-- 
GitLab