From 5c64ae1a0ea55c9d38d11659cf5a48761e44571f Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <lfleischer@archlinux.org>
Date: Tue, 9 Jun 2015 09:05:05 +0200
Subject: Drop suffixes from confirm parameters

Remove the _delete and _disown suffixes from HTTP POST confirmation
parameters.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
---
 web/html/account.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'web/html/account.php')

diff --git a/web/html/account.php b/web/html/account.php
index cb33c4e..6ecd56e 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -70,7 +70,7 @@ if (isset($_COOKIE["AURSID"])) {
 		/* Details for account being deleted. */
 		if (can_edit_account($row)) {
 			$UID = $row['ID'];
-			if (in_request('confirm_Delete') && check_token()) {
+			if (in_request('confirm') && check_token()) {
 				user_delete($UID);
 				header('Location: /');
 			} else {
-- 
cgit v1.2.3-70-g09d2