diff --git a/CHANGELOG.md b/CHANGELOG.md
index 885416eb..a95a81f6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,7 @@
**Merged pull requests:**
- Release v2.1.5-2024.05-alpha4 🎉
+- Security measures [\#331](https://github.com/torrentpier/torrentpier-lts/pull/331) ([belomaxorka](https://github.com/belomaxorka), [kovalensky](https://github.com/kovalensky))
- Some other changes / improvements
## [v2.1.5-2024.05-alpha3 [Final v2]](https://github.com/torrentpier/torrentpier-lts/tree/v2.1.5-2024.05-alpha3) (2024-06-04)
diff --git a/posting.php b/posting.php
index 6b8aa33a..8ac4b9c9 100644
--- a/posting.php
+++ b/posting.php
@@ -668,6 +668,7 @@ if ($userdata['user_level'] == GROUP_MEMBER || IS_AM)
}
}
+$page_title = '';
$hidden_form_fields = '';
switch( $mode )
diff --git a/privmsg.php b/privmsg.php
index 9b25e499..14a8c2d0 100644
--- a/privmsg.php
+++ b/privmsg.php
@@ -1285,7 +1285,7 @@ else if ( $submit || $refresh || $mode != '' )
$template->assign_block_vars('switch_privmsg', array());
$template->assign_var('POSTING_USERNAME');
- $post_a = ' ';
+ $post_a = false;
if ( $mode == 'post' )
{
$post_a = $lang['SEND_A_NEW_MESSAGE'];
@@ -1299,6 +1299,10 @@ else if ( $submit || $refresh || $mode != '' )
{
$post_a = $lang['EDIT_MESSAGE'];
}
+ else
+ {
+ pm_die($lang['NONE_SELECTED']);
+ }
$s_hidden_fields = '';
$s_hidden_fields .= '';