diff --git a/base.php b/base.php
index 1bc9758..7f02093 100644
--- a/base.php
+++ b/base.php
@@ -23,6 +23,7 @@ require("include.misc.php");
 require("include.memcache.php");
 require("include.mysql.php");
 require("include.session.php");
+require("include.csrf.php");
 require("class.templater.php");
 require("class.localizer.php");
diff --git a/class.templater.php b/class.templater.php
index 8080119..0af52e6 100644
--- a/class.templater.php
+++ b/class.templater.php
@@ -310,7 +310,10 @@ class Templater
 $template->templatename = $template->basedir . $templatename . $template->extension;;
 $template->Load($templatename);
 $template->Localize($localize);
- return $template->Parse($compile);
+ $result = $template->Parse($compile);
+ $result = CSRF::InsertTokens($result);
+
+ return $result;
 }
 public function Parse($data)
diff --git a/include.csrf.php b/include.csrf.php
new file mode 100644
index 0000000..21a73df
--- /dev/null
+++ b/include.csrf.php
@@ -0,0 +1,69 @@ + $key, + 'token' => $token + ); + } + + public static function GenerateReplacement($matches) + { + $pair = CSRF::GenerateToken(); + + return $matches[0] . " + + "; + } + + public static function InsertTokens($input) + { + return preg_replace_callback("/]*>(?!\s*
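Review bot: In class.templater.php the value of `CSRF::InsertTokens($result)` is returned unchecked, and the visible part of include.csrf.php shows InsertTokens returning `preg_replace_callback(...)` directly, which yields `null` on a PCRE error (for example a backtrack limit hit on a large page), so the render would silently return nothing. Keep the parsed output when the rewrite fails: `$tokenized = CSRF::InsertTokens($result);` followed by `return ($tokenized === null) ? $result : $tokenized;` — forms rendered without a token then fail on submit, assuming the verification side rejects a missing token. Because the rewrite runs over the whole rendered page, it is also worth confirming that the pattern (cut off in this view) skips forms with `method="get"` or an off-site `action`, since a token placed there ends up in URLs, logs and Referer headers or at a third party. The enclosing method starts above this hunk, so its name and its callers are not visible here.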