Example #1
</strong></td>
  </tr>
  <tr><td colspan="2"><img src="../../img/leer.gif" alt="" width="1" height="1" /></td></tr>
  <?php 
            // Render the error row only when $gberror is truthy.
            if ($gberror) {
                ?>
  <tr>
  <td style="color:#FF3333;">error:&nbsp;</td>
  <td><strong style="color:#FF3333;"><?php 
                // NOTE(review): $gberror is written into the page without
                // htmlspecialchars(). Where it is assigned is not visible here;
                // if it can ever carry request-derived text this echo is an HTML
                // injection sink. Confirm it only holds fixed messages, or encode it.
                echo $gberror;
                ?>
</strong></td>
  </tr><?php 
            }
            // A token name/value pair is generated for this form. Neither variable is
            // used in the visible part of the template; presumably they are emitted as
            // hidden fields further down (verify).
            $token_name = generate_token_name();
            $token_value = generate_session_token($token_name);
            ?>
  <form name="editguestbook" action="act_guestbook.php?<?php 
            // NOTE(review): the string from get_token_get_string('csrftoken') goes into
            // the action URL's query string, so whatever token it carries can reach
            // access logs, browser history and Referer headers even though the form
            // itself is method="post". A hidden POST field avoids that exposure.
            // guestbook_cid and guestbook_id are concatenated into the attribute with
            // no encoding or integer cast, unlike guestbook_name below; presumably
            // they are numeric database keys (confirm).
            echo get_token_get_string('csrftoken') . '&amp;cid=' . $row['guestbook_cid'] . '&amp;edit=' . $row['guestbook_id'];
            ?>
" target="_self" method="post">

  <tr>
	  <td>name:&nbsp;</td>
	  <td><input name="gbname" type="text" id="gbname" class="width350" value="<?php 
            // The stored name is HTML-encoded before it is placed in the double-quoted
            // value attribute. The call relies on htmlspecialchars() defaults, which
            // before PHP 8.1 do not encode single quotes; that is sufficient only
            // because the attribute is double-quoted.
            echo htmlspecialchars($row['guestbook_name']);
            ?>
" /></td>
  </tr>
  <tr>
	  <td>email:&nbsp;</td>
Example #2
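/**
 * Callback function to add the CSRF token input fields to a form.
 * Forms with attribute 'data-csrf="off"' are ignored.
 *
 * $match[1] is placed inside the opening <form ...> tag and $match[2] between
 * the opening and closing tags, so the caller is presumably a
 * preg_replace_callback() over rendered markup with those two capture groups
 * (the pattern is not visible here).
 *
 * Security notes:
 * - The token prefix, name and value are HTML-encoded before they are written
 *   into the attribute values, so a quote or angle bracket in any of them
 *   cannot break out of the hidden inputs.
 * - Only the exact spelling data-csrf="off" opts a form out. Any other
 *   spelling (single quotes, different case, extra spaces) still receives a
 *   token, i.e. the check fails towards protection.
 * - The fields are added regardless of the form's method. On a method="get"
 *   form the token would be submitted in the URL.
 * - $match[1] and $match[2] are emitted unchanged; they are expected to be
 *   markup the application already produced.
 *
 * @access public
 * @param array $match capture groups: [1] form tag attributes, [2] form body
 * @param string $token_prefix (default: 'csrf_')
 * @return string the rebuilt <form>...</form> markup
 */
function get_tokenized_form($match, $token_prefix = 'csrf_')
{
    $attributes = $match[1];
    $form = '<form' . $attributes . '>';

    if (strpos($attributes, 'data-csrf="off"') === false) {
        $token_name = generate_token_name();
        $token_value = generate_session_token($token_name);

        // Encode everything interpolated into an attribute value.
        $flags = ENT_QUOTES | ENT_SUBSTITUTE;
        $safe_prefix = htmlspecialchars((string) $token_prefix, $flags, 'UTF-8');
        $safe_name = htmlspecialchars((string) $token_name, $flags, 'UTF-8');
        $safe_value = htmlspecialchars((string) $token_value, $flags, 'UTF-8');

        $form .= '<input type="hidden" name="' . $safe_prefix . 'token_name" value="' . $safe_name . '" />';
        $form .= '<input type="hidden" name="' . $safe_prefix . 'token_value" value="' . $safe_value . '" />';
    }

    $form .= $match[2];
    $form .= '</form>';

    return $form;
}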