From f1b2fefb1832ff2164f18cdbaea77d18ac654396 Mon Sep 17 00:00:00 2001
From: Niklas Keller <me@kelunik.com>
Date: Tue, 28 Mar 2023 22:31:10 +0200
Subject: [PATCH] Fix logout missing csrf token

See https://forum.dokuwiki.org/d/20248-security-token-did-not-match-possible-csrf-attack-cannot-log-out/8
---
 dokuwiki/lib/tpl/phpnet/main.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dokuwiki/lib/tpl/phpnet/main.php b/dokuwiki/lib/tpl/phpnet/main.php
index 611b1254..7fce4e14 100644
--- a/dokuwiki/lib/tpl/phpnet/main.php
+++ b/dokuwiki/lib/tpl/phpnet/main.php
@@ -33,7 +33,7 @@ if (empty($_SERVER['REMOTE_USER'])) {
     $LINKS = array(
         array("href" => "?do=edit",     "text" => "Edit this page",),
         array("href" => "?do=admin",    "text" => "Admin",),
-        array("href" => "?do=logout",   "text" => "Logout",),
+        array("href" => "?do=logout&sectok=" . urlencode(getSecurityToken()), "text" => "Logout",),
         array("href" => "?do=profile",  "text" => $name,),
     );
 }