From bb3d4ee599e60c7c0f2a26ae5bf75344068a18e6 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Wed, 14 Oct 2020 16:03:48 +0200
Subject: [PATCH] Use new {csrfToken} tag in templates

---
 com.woltlab.wcf/templates/__form.tpl                          | 2 +-
 com.woltlab.wcf/templates/accountManagement.tpl               | 2 +-
 com.woltlab.wcf/templates/articleAdd.tpl                      | 2 +-
 com.woltlab.wcf/templates/avatarEdit.tpl                      | 2 +-
 com.woltlab.wcf/templates/contact.tpl                         | 2 +-
 com.woltlab.wcf/templates/disclaimer.tpl                      | 2 +-
 com.woltlab.wcf/templates/emailActivation.tpl                 | 2 +-
 com.woltlab.wcf/templates/emailNewActivationCode.tpl          | 2 +-
 com.woltlab.wcf/templates/headIncludeJavaScript.tpl           | 2 +-
 com.woltlab.wcf/templates/login.tpl                           | 2 +-
 com.woltlab.wcf/templates/lostPassword.tpl                    | 2 +-
 com.woltlab.wcf/templates/membersList.tpl                     | 2 +-
 com.woltlab.wcf/templates/newPassword.tpl                     | 2 +-
 com.woltlab.wcf/templates/notificationSettings.tpl            | 2 +-
 com.woltlab.wcf/templates/notificationUnsubscribe.tpl         | 2 +-
 com.woltlab.wcf/templates/pageHeaderSearch.tpl                | 2 +-
 com.woltlab.wcf/templates/pageHeaderUser.tpl                  | 4 ++--
 com.woltlab.wcf/templates/pageMenuMobile.tpl                  | 2 +-
 com.woltlab.wcf/templates/register.tpl                        | 2 +-
 com.woltlab.wcf/templates/registerActivation.tpl              | 2 +-
 com.woltlab.wcf/templates/registerNewActivationCode.tpl       | 2 +-
 com.woltlab.wcf/templates/search.tpl                          | 2 +-
 com.woltlab.wcf/templates/settings.tpl                        | 2 +-
 com.woltlab.wcf/templates/signatureEdit.tpl                   | 2 +-
 com.woltlab.wcf/templates/tagSearch.tpl                       | 2 +-
 com.woltlab.wcf/templates/userSearch.tpl                      | 2 +-
 wcfsetup/install/files/acp/templates/__form.tpl               | 2 +-
 wcfsetup/install/files/acp/templates/adAdd.tpl                | 2 +-
 wcfsetup/install/files/acp/templates/applicationEdit.tpl      | 2 +-
 wcfsetup/install/files/acp/templates/articleAdd.tpl           | 2 +-
 wcfsetup/install/files/acp/templates/articleList.tpl          | 2 +-
 wcfsetup/install/files/acp/templates/attachmentList.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/bbcodeAdd.tpl            | 2 +-
 .../install/files/acp/templates/bbcodeMediaProviderAdd.tpl    | 2 +-
 wcfsetup/install/files/acp/templates/boxAdd.tpl               | 2 +-
 wcfsetup/install/files/acp/templates/boxList.tpl              | 2 +-
 wcfsetup/install/files/acp/templates/bulkProcessing.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/captchaQuestionAdd.tpl   | 2 +-
 wcfsetup/install/files/acp/templates/categoryAdd.tpl          | 2 +-
 wcfsetup/install/files/acp/templates/contactOptionAdd.tpl     | 2 +-
 wcfsetup/install/files/acp/templates/contactRecipientAdd.tpl  | 2 +-
 wcfsetup/install/files/acp/templates/cronjobAdd.tpl           | 2 +-
 wcfsetup/install/files/acp/templates/cronjobLogList.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/dataImport.tpl           | 4 ++--
 .../files/acp/templates/devtoolsProjectPipEntryList.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/firstTimeSetup.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/header.tpl               | 2 +-
 wcfsetup/install/files/acp/templates/labelAdd.tpl             | 2 +-
 wcfsetup/install/files/acp/templates/labelGroupAdd.tpl        | 2 +-
 wcfsetup/install/files/acp/templates/labelGroupList.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/labelList.tpl            | 2 +-
 wcfsetup/install/files/acp/templates/languageAdd.tpl          | 2 +-
 wcfsetup/install/files/acp/templates/languageExport.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/languageImport.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/languageItemList.tpl     | 2 +-
 .../install/files/acp/templates/languageMultilingualism.tpl   | 2 +-
 wcfsetup/install/files/acp/templates/login.tpl                | 2 +-
 wcfsetup/install/files/acp/templates/masterPassword.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/masterPasswordInit.tpl   | 2 +-
 wcfsetup/install/files/acp/templates/mediaList.tpl            | 2 +-
 wcfsetup/install/files/acp/templates/menuAdd.tpl              | 2 +-
 wcfsetup/install/files/acp/templates/menuItemAdd.tpl          | 2 +-
 wcfsetup/install/files/acp/templates/modificationLogList.tpl  | 2 +-
 wcfsetup/install/files/acp/templates/noticeAdd.tpl            | 2 +-
 .../files/acp/templates/notificationPresetSettings.tpl        | 2 +-
 wcfsetup/install/files/acp/templates/option.tpl               | 2 +-
 wcfsetup/install/files/acp/templates/packageStartInstall.tpl  | 2 +-
 .../install/files/acp/templates/packageUpdateServerAdd.tpl    | 2 +-
 wcfsetup/install/files/acp/templates/pageAdd.tpl              | 2 +-
 wcfsetup/install/files/acp/templates/pageHeaderUser.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/pageList.tpl             | 2 +-
 wcfsetup/install/files/acp/templates/pageMenuMobile.tpl       | 2 +-
 wcfsetup/install/files/acp/templates/paidSubscriptionAdd.tpl  | 2 +-
 .../acp/templates/paidSubscriptionTransactionLogList.tpl      | 2 +-
 .../install/files/acp/templates/paidSubscriptionUserAdd.tpl   | 2 +-
 .../install/files/acp/templates/paidSubscriptionUserList.tpl  | 2 +-
 wcfsetup/install/files/acp/templates/sitemapEdit.tpl          | 2 +-
 wcfsetup/install/files/acp/templates/smileyAdd.tpl            | 2 +-
 wcfsetup/install/files/acp/templates/styleAdd.tpl             | 2 +-
 wcfsetup/install/files/acp/templates/styleExport.tpl          | 2 +-
 wcfsetup/install/files/acp/templates/styleGlobalValues.tpl    | 2 +-
 wcfsetup/install/files/acp/templates/styleImport.tpl          | 4 ++--
 wcfsetup/install/files/acp/templates/tagAdd.tpl               | 2 +-
 wcfsetup/install/files/acp/templates/tagList.tpl              | 2 +-
 wcfsetup/install/files/acp/templates/templateAdd.tpl          | 2 +-
 wcfsetup/install/files/acp/templates/templateGroupAdd.tpl     | 2 +-
 wcfsetup/install/files/acp/templates/templateList.tpl         | 2 +-
 wcfsetup/install/files/acp/templates/trophyAdd.tpl            | 2 +-
 .../install/files/acp/templates/userActivityPointOption.tpl   | 2 +-
 wcfsetup/install/files/acp/templates/userAdd.tpl              | 2 +-
 wcfsetup/install/files/acp/templates/userAssignToGroup.tpl    | 2 +-
 .../install/files/acp/templates/userContentRevertChanges.tpl  | 2 +-
 .../install/files/acp/templates/userEmailAddressExport.tpl    | 2 +-
 wcfsetup/install/files/acp/templates/userGroupAdd.tpl         | 2 +-
 .../install/files/acp/templates/userGroupAssignmentAdd.tpl    | 2 +-
 wcfsetup/install/files/acp/templates/userGroupOption.tpl      | 2 +-
 wcfsetup/install/files/acp/templates/userMail.tpl             | 2 +-
 wcfsetup/install/files/acp/templates/userMerge.tpl            | 2 +-
 wcfsetup/install/files/acp/templates/userOptionAdd.tpl        | 2 +-
 .../install/files/acp/templates/userOptionCategoryAdd.tpl     | 2 +-
 .../install/files/acp/templates/userOptionSetDefaults.tpl     | 2 +-
 wcfsetup/install/files/acp/templates/userRankAdd.tpl          | 2 +-
 wcfsetup/install/files/acp/templates/userSearch.tpl           | 2 +-
 wcfsetup/install/files/acp/templates/userTrophyAdd.tpl        | 2 +-
 wcfsetup/install/files/acp/templates/userTrophyList.tpl       | 2 +-
 105 files changed, 108 insertions(+), 108 deletions(-)

diff --git a/com.woltlab.wcf/templates/__form.tpl b/com.woltlab.wcf/templates/__form.tpl
index 0136702a38..e5470ba046 100644
--- a/com.woltlab.wcf/templates/__form.tpl
+++ b/com.woltlab.wcf/templates/__form.tpl
@@ -62,7 +62,7 @@
 {if $form->isAjax()}
 	</section>
 {else}
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</form>
 {/if}
 
diff --git a/com.woltlab.wcf/templates/accountManagement.tpl b/com.woltlab.wcf/templates/accountManagement.tpl
index 291ce150b1..3791d2fa54 100644
--- a/com.woltlab.wcf/templates/accountManagement.tpl
+++ b/com.woltlab.wcf/templates/accountManagement.tpl
@@ -267,7 +267,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/articleAdd.tpl b/com.woltlab.wcf/templates/articleAdd.tpl
index 4b85a9bb02..18c407d676 100644
--- a/com.woltlab.wcf/templates/articleAdd.tpl
+++ b/com.woltlab.wcf/templates/articleAdd.tpl
@@ -552,7 +552,7 @@
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="isMultilingual" value="{@$isMultilingual}">
 		<input type="hidden" name="timeNowReference" value="{@TIME_NOW}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/avatarEdit.tpl b/com.woltlab.wcf/templates/avatarEdit.tpl
index fe7d1d8f6f..8b32e76e49 100644
--- a/com.woltlab.wcf/templates/avatarEdit.tpl
+++ b/com.woltlab.wcf/templates/avatarEdit.tpl
@@ -70,7 +70,7 @@
 	{if !$__wcf->user->disableAvatar}
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	{/if}
 </form>
diff --git a/com.woltlab.wcf/templates/contact.tpl b/com.woltlab.wcf/templates/contact.tpl
index 368a5b5990..1c5a64390d 100644
--- a/com.woltlab.wcf/templates/contact.tpl
+++ b/com.woltlab.wcf/templates/contact.tpl
@@ -98,7 +98,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 	
 	<div class="section">
diff --git a/com.woltlab.wcf/templates/disclaimer.tpl b/com.woltlab.wcf/templates/disclaimer.tpl
index 61ed8be392..60c024ec27 100644
--- a/com.woltlab.wcf/templates/disclaimer.tpl
+++ b/com.woltlab.wcf/templates/disclaimer.tpl
@@ -13,7 +13,7 @@
 		<div class="formSubmit">
 			<input type="submit" name="accept" value="{lang}wcf.user.register.disclaimer.accept{/lang}" accesskey="s">
 			<a class="button" href="{link}{/link}">{lang}wcf.user.register.disclaimer.decline{/lang}</a>
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	{/if}
 </form>
diff --git a/com.woltlab.wcf/templates/emailActivation.tpl b/com.woltlab.wcf/templates/emailActivation.tpl
index 4c6f442056..6f556d7e96 100644
--- a/com.woltlab.wcf/templates/emailActivation.tpl
+++ b/com.woltlab.wcf/templates/emailActivation.tpl
@@ -36,7 +36,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/emailNewActivationCode.tpl b/com.woltlab.wcf/templates/emailNewActivationCode.tpl
index 4f56896283..03824082f0 100644
--- a/com.woltlab.wcf/templates/emailNewActivationCode.tpl
+++ b/com.woltlab.wcf/templates/emailNewActivationCode.tpl
@@ -45,7 +45,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/headIncludeJavaScript.tpl b/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
index 9975e837f1..b4304d09fe 100644
--- a/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
+++ b/com.woltlab.wcf/templates/headIncludeJavaScript.tpl
@@ -6,7 +6,7 @@
 	var SID_ARG_2ND	= '';
 	var WCF_PATH = '{@$__wcf->getPath()}';
 	var WSC_API_URL = '{@$__wcf->getActivePath()}';
-	var SECURITY_TOKEN = '{@SECURITY_TOKEN}';
+	var SECURITY_TOKEN = '{csrfToken type=raw}';
 	var LANGUAGE_ID = {@$__wcf->getLanguage()->languageID};
 	var LANGUAGE_USE_INFORMAL_VARIANT = {if LANGUAGE_USE_INFORMAL_VARIANT}true{else}false{/if};
 	var TIME_NOW = {@TIME_NOW};
diff --git a/com.woltlab.wcf/templates/login.tpl b/com.woltlab.wcf/templates/login.tpl
index 1f580e8c18..cbf20756f6 100644
--- a/com.woltlab.wcf/templates/login.tpl
+++ b/com.woltlab.wcf/templates/login.tpl
@@ -53,7 +53,7 @@
 			<div class="userLoginButtons">
 				<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 				<input type="hidden" name="url" value="{$url}">
-				{@SECURITY_TOKEN_INPUT_TAG}
+				{csrfToken}
 			</div>
 		</section>
 		
diff --git a/com.woltlab.wcf/templates/lostPassword.tpl b/com.woltlab.wcf/templates/lostPassword.tpl
index 6f9b0bb27d..c63202354d 100644
--- a/com.woltlab.wcf/templates/lostPassword.tpl
+++ b/com.woltlab.wcf/templates/lostPassword.tpl
@@ -46,7 +46,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/membersList.tpl b/com.woltlab.wcf/templates/membersList.tpl
index 9fc6744d36..3aafb91aa8 100644
--- a/com.woltlab.wcf/templates/membersList.tpl
+++ b/com.woltlab.wcf/templates/membersList.tpl
@@ -25,7 +25,7 @@
 					<dt></dt>
 					<dd>
 						<input type="text" id="searchUsername" name="username" class="long" placeholder="{lang}wcf.user.username{/lang}">
-						{@SECURITY_TOKEN_INPUT_TAG}
+						{csrfToken}
 					</dd>
 				</dl>
 			</div>
diff --git a/com.woltlab.wcf/templates/newPassword.tpl b/com.woltlab.wcf/templates/newPassword.tpl
index 2e9aa25a00..8497892f30 100644
--- a/com.woltlab.wcf/templates/newPassword.tpl
+++ b/com.woltlab.wcf/templates/newPassword.tpl
@@ -54,7 +54,7 @@
 		
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/notificationSettings.tpl b/com.woltlab.wcf/templates/notificationSettings.tpl
index 629f904441..e19dc0538b 100644
--- a/com.woltlab.wcf/templates/notificationSettings.tpl
+++ b/com.woltlab.wcf/templates/notificationSettings.tpl
@@ -57,7 +57,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/notificationUnsubscribe.tpl b/com.woltlab.wcf/templates/notificationUnsubscribe.tpl
index d09fd53fb7..674fa6e95a 100644
--- a/com.woltlab.wcf/templates/notificationUnsubscribe.tpl
+++ b/com.woltlab.wcf/templates/notificationUnsubscribe.tpl
@@ -22,7 +22,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.user.notification.mail.unsubscribe.confirm{/lang}" accesskey="s">
 		{* The tag is not technically required, but the POST data would be empty otherwise. *}
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/pageHeaderSearch.tpl b/com.woltlab.wcf/templates/pageHeaderSearch.tpl
index 84b302dda7..0812fe2111 100644
--- a/com.woltlab.wcf/templates/pageHeaderSearch.tpl
+++ b/com.woltlab.wcf/templates/pageHeaderSearch.tpl
@@ -58,7 +58,7 @@
 			
 			{if !$__searchStaticOptions|empty}{@$__searchStaticOptions}{/if}
 			
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 </div>
diff --git a/com.woltlab.wcf/templates/pageHeaderUser.tpl b/com.woltlab.wcf/templates/pageHeaderUser.tpl
index 7f89ec873d..ce657cdb2c 100644
--- a/com.woltlab.wcf/templates/pageHeaderUser.tpl
+++ b/com.woltlab.wcf/templates/pageHeaderUser.tpl
@@ -71,7 +71,7 @@
 							{event name='userMenuItemsAfter'}
 						</ul>
 					</div>
-					<a class="interactiveDropdownShowAll" href="{link controller='Logout'}t={@SECURITY_TOKEN}{/link}" onclick="WCF.Dropdown.Interactive.Handler.close('userMenu'); WCF.System.Confirmation.show('{lang}wcf.user.logout.sure{/lang}', $.proxy(function (action) { if (action == 'confirm') window.location.href = $(this).attr('href'); }, this)); return false;">{lang}wcf.user.logout{/lang}</a>
+					<a class="interactiveDropdownShowAll" href="{link controller='Logout'}t={csrfToken type=url}{/link}" onclick="WCF.Dropdown.Interactive.Handler.close('userMenu'); WCF.System.Confirmation.show('{lang}wcf.user.logout.sure{/lang}', $.proxy(function (action) { if (action == 'confirm') window.location.href = $(this).attr('href'); }, this)); return false;">{lang}wcf.user.logout{/lang}</a>
 				</div>
 				<script data-relocate="true">
 					$(function() {
@@ -167,7 +167,7 @@
 								<div class="userLoginButtons">
 									<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 									<input type="hidden" name="url" value="{$__wcf->session->requestURI}">
-									{@SECURITY_TOKEN_INPUT_TAG}
+									{csrfToken}
 								</div>
 							</section>
 							
diff --git a/com.woltlab.wcf/templates/pageMenuMobile.tpl b/com.woltlab.wcf/templates/pageMenuMobile.tpl
index bab64312f5..c43dd23c07 100644
--- a/com.woltlab.wcf/templates/pageMenuMobile.tpl
+++ b/com.woltlab.wcf/templates/pageMenuMobile.tpl
@@ -144,7 +144,7 @@
 			
 			<li class="menuOverlayItemSpacer"></li>
 			<li class="menuOverlayItem">
-				<a href="{link controller='Logout'}t={@SECURITY_TOKEN}{/link}" class="menuOverlayItemLink box24">
+				<a href="{link controller='Logout'}t={csrfToken type=url}{/link}" class="menuOverlayItemLink box24">
 					<span class="icon icon24 fa-sign-out"></span>
 					<span class="menuOverlayItemTitle">{lang}wcf.user.logout{/lang}</span>
 				</a>
diff --git a/com.woltlab.wcf/templates/register.tpl b/com.woltlab.wcf/templates/register.tpl
index cdb556ba3f..9f6949b8e0 100644
--- a/com.woltlab.wcf/templates/register.tpl
+++ b/com.woltlab.wcf/templates/register.tpl
@@ -212,7 +212,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 	
 	<div class="section">
diff --git a/com.woltlab.wcf/templates/registerActivation.tpl b/com.woltlab.wcf/templates/registerActivation.tpl
index b7c87f54e2..8a1e6dc78a 100644
--- a/com.woltlab.wcf/templates/registerActivation.tpl
+++ b/com.woltlab.wcf/templates/registerActivation.tpl
@@ -38,7 +38,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/registerNewActivationCode.tpl b/com.woltlab.wcf/templates/registerNewActivationCode.tpl
index 1998c7126c..5e362ca467 100644
--- a/com.woltlab.wcf/templates/registerNewActivationCode.tpl
+++ b/com.woltlab.wcf/templates/registerNewActivationCode.tpl
@@ -58,7 +58,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/search.tpl b/com.woltlab.wcf/templates/search.tpl
index 4d9b4cf863..5b68bbf0f4 100644
--- a/com.woltlab.wcf/templates/search.tpl
+++ b/com.woltlab.wcf/templates/search.tpl
@@ -117,7 +117,7 @@
 			
 			<div class="formSubmit">
 				<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-				{@SECURITY_TOKEN_INPUT_TAG}
+				{csrfToken}
 			</div>
 		</div>
 	</div>
diff --git a/com.woltlab.wcf/templates/settings.tpl b/com.woltlab.wcf/templates/settings.tpl
index d8a122335f..e577ceb134 100644
--- a/com.woltlab.wcf/templates/settings.tpl
+++ b/com.woltlab.wcf/templates/settings.tpl
@@ -135,7 +135,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		{if $category != 'general'}<input type="hidden" name="category" value="{$category}">{/if}
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/signatureEdit.tpl b/com.woltlab.wcf/templates/signatureEdit.tpl
index 45065e2eb8..5d629c9134 100644
--- a/com.woltlab.wcf/templates/signatureEdit.tpl
+++ b/com.woltlab.wcf/templates/signatureEdit.tpl
@@ -61,7 +61,7 @@
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 			<button id="previewButton" class="jsOnly" accesskey="p">{lang}wcf.global.button.preview{/lang}</button>
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	{/if}
 </form>
diff --git a/com.woltlab.wcf/templates/tagSearch.tpl b/com.woltlab.wcf/templates/tagSearch.tpl
index baf789b3cb..99462537e5 100644
--- a/com.woltlab.wcf/templates/tagSearch.tpl
+++ b/com.woltlab.wcf/templates/tagSearch.tpl
@@ -69,7 +69,7 @@
 			
 			<div class="formSubmit">
 				<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-				{@SECURITY_TOKEN_INPUT_TAG}
+				{csrfToken}
 			</div>
 		</div>
 	</div>
diff --git a/com.woltlab.wcf/templates/userSearch.tpl b/com.woltlab.wcf/templates/userSearch.tpl
index ebdbd13a3c..b015093859 100644
--- a/com.woltlab.wcf/templates/userSearch.tpl
+++ b/com.woltlab.wcf/templates/userSearch.tpl
@@ -34,7 +34,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/__form.tpl b/wcfsetup/install/files/acp/templates/__form.tpl
index 0136702a38..e5470ba046 100644
--- a/wcfsetup/install/files/acp/templates/__form.tpl
+++ b/wcfsetup/install/files/acp/templates/__form.tpl
@@ -62,7 +62,7 @@
 {if $form->isAjax()}
 	</section>
 {else}
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</form>
 {/if}
 
diff --git a/wcfsetup/install/files/acp/templates/adAdd.tpl b/wcfsetup/install/files/acp/templates/adAdd.tpl
index 02ff107231..0a8fb5946a 100644
--- a/wcfsetup/install/files/acp/templates/adAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/adAdd.tpl
@@ -149,7 +149,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/applicationEdit.tpl b/wcfsetup/install/files/acp/templates/applicationEdit.tpl
index cef14c3eb2..fc43a29835 100644
--- a/wcfsetup/install/files/acp/templates/applicationEdit.tpl
+++ b/wcfsetup/install/files/acp/templates/applicationEdit.tpl
@@ -106,7 +106,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/articleAdd.tpl b/wcfsetup/install/files/acp/templates/articleAdd.tpl
index 4b85a9bb02..18c407d676 100644
--- a/wcfsetup/install/files/acp/templates/articleAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/articleAdd.tpl
@@ -552,7 +552,7 @@
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="isMultilingual" value="{@$isMultilingual}">
 		<input type="hidden" name="timeNowReference" value="{@TIME_NOW}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/articleList.tpl b/wcfsetup/install/files/acp/templates/articleList.tpl
index 1ead92767f..2bee0e9c0b 100644
--- a/wcfsetup/install/files/acp/templates/articleList.tpl
+++ b/wcfsetup/install/files/acp/templates/articleList.tpl
@@ -100,7 +100,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/attachmentList.tpl b/wcfsetup/install/files/acp/templates/attachmentList.tpl
index 276dea3b51..3ec640e883 100644
--- a/wcfsetup/install/files/acp/templates/attachmentList.tpl
+++ b/wcfsetup/install/files/acp/templates/attachmentList.tpl
@@ -62,7 +62,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/bbcodeAdd.tpl b/wcfsetup/install/files/acp/templates/bbcodeAdd.tpl
index 3abd4a11bc..c8154d7f4f 100644
--- a/wcfsetup/install/files/acp/templates/bbcodeAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/bbcodeAdd.tpl
@@ -256,7 +256,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/bbcodeMediaProviderAdd.tpl b/wcfsetup/install/files/acp/templates/bbcodeMediaProviderAdd.tpl
index 910f4c9693..23b6f87772 100644
--- a/wcfsetup/install/files/acp/templates/bbcodeMediaProviderAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/bbcodeMediaProviderAdd.tpl
@@ -91,7 +91,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/boxAdd.tpl b/wcfsetup/install/files/acp/templates/boxAdd.tpl
index ffbfafb357..c560cb2044 100644
--- a/wcfsetup/install/files/acp/templates/boxAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/boxAdd.tpl
@@ -483,7 +483,7 @@
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="isMultilingual" value="{@$isMultilingual}">
 		<input type="hidden" name="boxType" value="{$boxType}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/boxList.tpl b/wcfsetup/install/files/acp/templates/boxList.tpl
index 87a20ed5df..9f325c97aa 100644
--- a/wcfsetup/install/files/acp/templates/boxList.tpl
+++ b/wcfsetup/install/files/acp/templates/boxList.tpl
@@ -84,7 +84,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/bulkProcessing.tpl b/wcfsetup/install/files/acp/templates/bulkProcessing.tpl
index 06a1918093..09a576a4c2 100644
--- a/wcfsetup/install/files/acp/templates/bulkProcessing.tpl
+++ b/wcfsetup/install/files/acp/templates/bulkProcessing.tpl
@@ -79,7 +79,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/captchaQuestionAdd.tpl b/wcfsetup/install/files/acp/templates/captchaQuestionAdd.tpl
index e5910ec8b8..894c5b41de 100644
--- a/wcfsetup/install/files/acp/templates/captchaQuestionAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/captchaQuestionAdd.tpl
@@ -71,7 +71,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/categoryAdd.tpl b/wcfsetup/install/files/acp/templates/categoryAdd.tpl
index 812033c80f..74ac5fd8c7 100644
--- a/wcfsetup/install/files/acp/templates/categoryAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/categoryAdd.tpl
@@ -168,7 +168,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/contactOptionAdd.tpl b/wcfsetup/install/files/acp/templates/contactOptionAdd.tpl
index 5e4803ba42..ca561d87c0 100644
--- a/wcfsetup/install/files/acp/templates/contactOptionAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/contactOptionAdd.tpl
@@ -23,7 +23,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/contactRecipientAdd.tpl b/wcfsetup/install/files/acp/templates/contactRecipientAdd.tpl
index 33d099241a..ca2ef2a0e8 100644
--- a/wcfsetup/install/files/acp/templates/contactRecipientAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/contactRecipientAdd.tpl
@@ -87,7 +87,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="action" value="{@$action}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/cronjobAdd.tpl b/wcfsetup/install/files/acp/templates/cronjobAdd.tpl
index 944cb961a2..bce6da0ab8 100644
--- a/wcfsetup/install/files/acp/templates/cronjobAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/cronjobAdd.tpl
@@ -131,7 +131,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/cronjobLogList.tpl b/wcfsetup/install/files/acp/templates/cronjobLogList.tpl
index 9d3852c637..5ec0a76c5f 100644
--- a/wcfsetup/install/files/acp/templates/cronjobLogList.tpl
+++ b/wcfsetup/install/files/acp/templates/cronjobLogList.tpl
@@ -64,7 +64,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/dataImport.tpl b/wcfsetup/install/files/acp/templates/dataImport.tpl
index 799c084928..20c182f837 100644
--- a/wcfsetup/install/files/acp/templates/dataImport.tpl
+++ b/wcfsetup/install/files/acp/templates/dataImport.tpl
@@ -111,7 +111,7 @@
 			<div class="formSubmit">
 				<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 				<input type="hidden" name="sourceSelection" value="1">
-				{@SECURITY_TOKEN_INPUT_TAG}
+				{csrfToken}
 			</div>
 		</form>
 	{/if}
@@ -220,7 +220,7 @@
 		<div class="formSubmit">
 			<input type="hidden" name="exporterName" value="{$exporterName}">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {/if}
diff --git a/wcfsetup/install/files/acp/templates/devtoolsProjectPipEntryList.tpl b/wcfsetup/install/files/acp/templates/devtoolsProjectPipEntryList.tpl
index 0cecbc0ed5..08729a2d33 100644
--- a/wcfsetup/install/files/acp/templates/devtoolsProjectPipEntryList.tpl
+++ b/wcfsetup/install/files/acp/templates/devtoolsProjectPipEntryList.tpl
@@ -49,7 +49,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/firstTimeSetup.tpl b/wcfsetup/install/files/acp/templates/firstTimeSetup.tpl
index 1281194bee..a9ce379564 100644
--- a/wcfsetup/install/files/acp/templates/firstTimeSetup.tpl
+++ b/wcfsetup/install/files/acp/templates/firstTimeSetup.tpl
@@ -40,7 +40,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" name="__submit" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/header.tpl b/wcfsetup/install/files/acp/templates/header.tpl
index 4fa712bd65..3388d8479c 100644
--- a/wcfsetup/install/files/acp/templates/header.tpl
+++ b/wcfsetup/install/files/acp/templates/header.tpl
@@ -32,7 +32,7 @@
 		var SID_ARG_2ND = '';
 		var WCF_PATH = '{@$__wcf->getPath()}';
 		var WSC_API_URL = '{@$__wcf->getActivePath()}acp/';
-		var SECURITY_TOKEN = '{@SECURITY_TOKEN}';
+		var SECURITY_TOKEN = '{csrfToken type=raw}';
 		var LANGUAGE_ID = {@$__wcf->getLanguage()->languageID};
 		var LANGUAGE_USE_INFORMAL_VARIANT = {if LANGUAGE_USE_INFORMAL_VARIANT}true{else}false{/if};
 		var TIME_NOW = {@TIME_NOW};
diff --git a/wcfsetup/install/files/acp/templates/labelAdd.tpl b/wcfsetup/install/files/acp/templates/labelAdd.tpl
index 54fdb4dd32..2d42be6f06 100644
--- a/wcfsetup/install/files/acp/templates/labelAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/labelAdd.tpl
@@ -124,7 +124,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/labelGroupAdd.tpl b/wcfsetup/install/files/acp/templates/labelGroupAdd.tpl
index afc3860bbd..e7408446ec 100644
--- a/wcfsetup/install/files/acp/templates/labelGroupAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/labelGroupAdd.tpl
@@ -120,7 +120,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/labelGroupList.tpl b/wcfsetup/install/files/acp/templates/labelGroupList.tpl
index f5ccb86be8..e80a80b2de 100644
--- a/wcfsetup/install/files/acp/templates/labelGroupList.tpl
+++ b/wcfsetup/install/files/acp/templates/labelGroupList.tpl
@@ -55,7 +55,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/labelList.tpl b/wcfsetup/install/files/acp/templates/labelList.tpl
index 88f856bcdd..06b3b8098a 100644
--- a/wcfsetup/install/files/acp/templates/labelList.tpl
+++ b/wcfsetup/install/files/acp/templates/labelList.tpl
@@ -77,7 +77,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {/if}
diff --git a/wcfsetup/install/files/acp/templates/languageAdd.tpl b/wcfsetup/install/files/acp/templates/languageAdd.tpl
index 099ec958b5..6792f1454f 100644
--- a/wcfsetup/install/files/acp/templates/languageAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/languageAdd.tpl
@@ -99,7 +99,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageExport.tpl b/wcfsetup/install/files/acp/templates/languageExport.tpl
index 13228d88a2..fb2d91a79f 100644
--- a/wcfsetup/install/files/acp/templates/languageExport.tpl
+++ b/wcfsetup/install/files/acp/templates/languageExport.tpl
@@ -63,7 +63,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" accesskey="s" value="{lang}wcf.global.button.submit{/lang}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageImport.tpl b/wcfsetup/install/files/acp/templates/languageImport.tpl
index 8fbdb8d93c..0d7df015f4 100644
--- a/wcfsetup/install/files/acp/templates/languageImport.tpl
+++ b/wcfsetup/install/files/acp/templates/languageImport.tpl
@@ -66,7 +66,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageItemList.tpl b/wcfsetup/install/files/acp/templates/languageItemList.tpl
index f037ff9153..fd4be56d4b 100644
--- a/wcfsetup/install/files/acp/templates/languageItemList.tpl
+++ b/wcfsetup/install/files/acp/templates/languageItemList.tpl
@@ -77,7 +77,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/languageMultilingualism.tpl b/wcfsetup/install/files/acp/templates/languageMultilingualism.tpl
index 26223e15ee..f47ac87d4f 100644
--- a/wcfsetup/install/files/acp/templates/languageMultilingualism.tpl
+++ b/wcfsetup/install/files/acp/templates/languageMultilingualism.tpl
@@ -56,7 +56,7 @@
 		
 	<div class="formSubmit">
 		<input type="submit" accesskey="s" value="{lang}wcf.global.button.submit{/lang}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/login.tpl b/wcfsetup/install/files/acp/templates/login.tpl
index ea7d7faac9..018c2107e2 100644
--- a/wcfsetup/install/files/acp/templates/login.tpl
+++ b/wcfsetup/install/files/acp/templates/login.tpl
@@ -43,7 +43,7 @@
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 			<input type="hidden" name="url" value="{$url}">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 </div>
diff --git a/wcfsetup/install/files/acp/templates/masterPassword.tpl b/wcfsetup/install/files/acp/templates/masterPassword.tpl
index ecfa1b0e3a..3865cfded6 100644
--- a/wcfsetup/install/files/acp/templates/masterPassword.tpl
+++ b/wcfsetup/install/files/acp/templates/masterPassword.tpl
@@ -39,7 +39,7 @@
 	<div class="formSubmit">
 		<input type="submit" name="submitButton" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="url" value="{$url}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/masterPasswordInit.tpl b/wcfsetup/install/files/acp/templates/masterPasswordInit.tpl
index 96f225cfb8..9fba333e0a 100644
--- a/wcfsetup/install/files/acp/templates/masterPasswordInit.tpl
+++ b/wcfsetup/install/files/acp/templates/masterPasswordInit.tpl
@@ -67,7 +67,7 @@
 	<div class="formSubmit">
 		<input type="submit" name="submitButton" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="url" value="{$url}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/mediaList.tpl b/wcfsetup/install/files/acp/templates/mediaList.tpl
index cda3c98fa7..d185200341 100644
--- a/wcfsetup/install/files/acp/templates/mediaList.tpl
+++ b/wcfsetup/install/files/acp/templates/mediaList.tpl
@@ -87,7 +87,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/menuAdd.tpl b/wcfsetup/install/files/acp/templates/menuAdd.tpl
index a2c026f9b8..33ff4bc405 100644
--- a/wcfsetup/install/files/acp/templates/menuAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/menuAdd.tpl
@@ -170,7 +170,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/menuItemAdd.tpl b/wcfsetup/install/files/acp/templates/menuItemAdd.tpl
index ca38dc46c8..d4922ff635 100644
--- a/wcfsetup/install/files/acp/templates/menuItemAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/menuItemAdd.tpl
@@ -185,7 +185,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}">
 		{if $action == 'add'}<input type="hidden" name="menuID" value="{@$menuID}">{/if}
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/modificationLogList.tpl b/wcfsetup/install/files/acp/templates/modificationLogList.tpl
index 1e7969ea90..8b59610880 100644
--- a/wcfsetup/install/files/acp/templates/modificationLogList.tpl
+++ b/wcfsetup/install/files/acp/templates/modificationLogList.tpl
@@ -75,7 +75,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/noticeAdd.tpl b/wcfsetup/install/files/acp/templates/noticeAdd.tpl
index 1c17444399..5f61f962d7 100644
--- a/wcfsetup/install/files/acp/templates/noticeAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/noticeAdd.tpl
@@ -193,7 +193,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/notificationPresetSettings.tpl b/wcfsetup/install/files/acp/templates/notificationPresetSettings.tpl
index baff58e084..ada09dac33 100644
--- a/wcfsetup/install/files/acp/templates/notificationPresetSettings.tpl
+++ b/wcfsetup/install/files/acp/templates/notificationPresetSettings.tpl
@@ -88,7 +88,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/option.tpl b/wcfsetup/install/files/acp/templates/option.tpl
index abd2ea4784..26a77e1f3d 100644
--- a/wcfsetup/install/files/acp/templates/option.tpl
+++ b/wcfsetup/install/files/acp/templates/option.tpl
@@ -91,7 +91,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" name="__submit" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/packageStartInstall.tpl b/wcfsetup/install/files/acp/templates/packageStartInstall.tpl
index 7d00a8247a..8fae6cb719 100644
--- a/wcfsetup/install/files/acp/templates/packageStartInstall.tpl
+++ b/wcfsetup/install/files/acp/templates/packageStartInstall.tpl
@@ -106,7 +106,7 @@
 			<div class="formSubmit">
 				<input type="submit" name="submitButton" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 				<input type="hidden" name="action" value="{$action}">
-				{@SECURITY_TOKEN_INPUT_TAG}
+				{csrfToken}
 			</div>
 		</form>
 	</div>
diff --git a/wcfsetup/install/files/acp/templates/packageUpdateServerAdd.tpl b/wcfsetup/install/files/acp/templates/packageUpdateServerAdd.tpl
index 860461c2b9..2fbd90177a 100644
--- a/wcfsetup/install/files/acp/templates/packageUpdateServerAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/packageUpdateServerAdd.tpl
@@ -63,7 +63,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/pageAdd.tpl b/wcfsetup/install/files/acp/templates/pageAdd.tpl
index 1b654e345d..907dc252c5 100644
--- a/wcfsetup/install/files/acp/templates/pageAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/pageAdd.tpl
@@ -571,7 +571,7 @@
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="isMultilingual" value="{@$isMultilingual}">
 		<input type="hidden" name="pageType" value="{$pageType}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/pageHeaderUser.tpl b/wcfsetup/install/files/acp/templates/pageHeaderUser.tpl
index fbbe62dce0..77a2073e6c 100644
--- a/wcfsetup/install/files/acp/templates/pageHeaderUser.tpl
+++ b/wcfsetup/install/files/acp/templates/pageHeaderUser.tpl
@@ -12,7 +12,7 @@
 						{event name='userMenuItems'}
 						
 						<li class="dropdownDivider"></li>
-						<li><a href="{link controller='Logout'}t={@SECURITY_TOKEN}{/link}" onclick="WCF.System.Confirmation.show('{lang}wcf.user.logout.sure{/lang}', $.proxy(function (action) { if (action == 'confirm') window.location.href = $(this).attr('href'); }, this)); return false;">{lang}wcf.user.logout{/lang}</a></li>
+						<li><a href="{link controller='Logout'}t={csrfToken type=url}{/link}" onclick="WCF.System.Confirmation.show('{lang}wcf.user.logout.sure{/lang}', $.proxy(function (action) { if (action == 'confirm') window.location.href = $(this).attr('href'); }, this)); return false;">{lang}wcf.user.logout{/lang}</a></li>
 					</ul>
 				</li>
 				
diff --git a/wcfsetup/install/files/acp/templates/pageList.tpl b/wcfsetup/install/files/acp/templates/pageList.tpl
index 138b55ebcc..c4ef874487 100644
--- a/wcfsetup/install/files/acp/templates/pageList.tpl
+++ b/wcfsetup/install/files/acp/templates/pageList.tpl
@@ -85,7 +85,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/pageMenuMobile.tpl b/wcfsetup/install/files/acp/templates/pageMenuMobile.tpl
index 9f32e13939..259fd57b23 100644
--- a/wcfsetup/install/files/acp/templates/pageMenuMobile.tpl
+++ b/wcfsetup/install/files/acp/templates/pageMenuMobile.tpl
@@ -75,7 +75,7 @@
 			</li>
 			<li class="menuOverlayTitle">{$__wcf->user->username}</li>
 			<li class="menuOverlayItem">
-				<a href="{link controller='Logout'}t={@SECURITY_TOKEN}{/link}" class="menuOverlayItemLink box24">
+				<a href="{link controller='Logout'}t={csrfToken type=url}{/link}" class="menuOverlayItemLink box24">
 					<span class="icon icon24 fa-sign-out"></span>
 					<span class="menuOverlayItemTitle">{lang}wcf.user.logout{/lang}</span>
 				</a>
diff --git a/wcfsetup/install/files/acp/templates/paidSubscriptionAdd.tpl b/wcfsetup/install/files/acp/templates/paidSubscriptionAdd.tpl
index 664e27c748..50940b9cdc 100644
--- a/wcfsetup/install/files/acp/templates/paidSubscriptionAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/paidSubscriptionAdd.tpl
@@ -187,7 +187,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/paidSubscriptionTransactionLogList.tpl b/wcfsetup/install/files/acp/templates/paidSubscriptionTransactionLogList.tpl
index 322bf03c5b..fcecd070e9 100644
--- a/wcfsetup/install/files/acp/templates/paidSubscriptionTransactionLogList.tpl
+++ b/wcfsetup/install/files/acp/templates/paidSubscriptionTransactionLogList.tpl
@@ -58,7 +58,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/paidSubscriptionUserAdd.tpl b/wcfsetup/install/files/acp/templates/paidSubscriptionUserAdd.tpl
index 91c9eda940..84c65fd51c 100644
--- a/wcfsetup/install/files/acp/templates/paidSubscriptionUserAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/paidSubscriptionUserAdd.tpl
@@ -76,7 +76,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/paidSubscriptionUserList.tpl b/wcfsetup/install/files/acp/templates/paidSubscriptionUserList.tpl
index cb83104517..8bc659f0de 100644
--- a/wcfsetup/install/files/acp/templates/paidSubscriptionUserList.tpl
+++ b/wcfsetup/install/files/acp/templates/paidSubscriptionUserList.tpl
@@ -52,7 +52,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/sitemapEdit.tpl b/wcfsetup/install/files/acp/templates/sitemapEdit.tpl
index b36a8b2424..05c6c6916f 100755
--- a/wcfsetup/install/files/acp/templates/sitemapEdit.tpl
+++ b/wcfsetup/install/files/acp/templates/sitemapEdit.tpl
@@ -75,7 +75,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/smileyAdd.tpl b/wcfsetup/install/files/acp/templates/smileyAdd.tpl
index e3480b0110..4e4924b28b 100644
--- a/wcfsetup/install/files/acp/templates/smileyAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/smileyAdd.tpl
@@ -203,7 +203,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/styleAdd.tpl b/wcfsetup/install/files/acp/templates/styleAdd.tpl
index 7877c4dfd7..f67644cee9 100644
--- a/wcfsetup/install/files/acp/templates/styleAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/styleAdd.tpl
@@ -1111,7 +1111,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="tmpHash" value="{$tmpHash}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/styleExport.tpl b/wcfsetup/install/files/acp/templates/styleExport.tpl
index c1a24859f3..c5c5d2eac1 100644
--- a/wcfsetup/install/files/acp/templates/styleExport.tpl
+++ b/wcfsetup/install/files/acp/templates/styleExport.tpl
@@ -55,7 +55,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.acp.style.button.exportStyle{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/styleGlobalValues.tpl b/wcfsetup/install/files/acp/templates/styleGlobalValues.tpl
index aa087b1a15..034acea58c 100644
--- a/wcfsetup/install/files/acp/templates/styleGlobalValues.tpl
+++ b/wcfsetup/install/files/acp/templates/styleGlobalValues.tpl
@@ -44,7 +44,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/styleImport.tpl b/wcfsetup/install/files/acp/templates/styleImport.tpl
index 058f74340d..ed7d5f34f6 100644
--- a/wcfsetup/install/files/acp/templates/styleImport.tpl
+++ b/wcfsetup/install/files/acp/templates/styleImport.tpl
@@ -48,8 +48,8 @@
 	
 	<div class="formSubmit">
 		<input type="submit" name="submitButton" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
-{include file='footer'}
\ No newline at end of file
+{include file='footer'}
diff --git a/wcfsetup/install/files/acp/templates/tagAdd.tpl b/wcfsetup/install/files/acp/templates/tagAdd.tpl
index b24a0d22f2..d7c101dd4d 100644
--- a/wcfsetup/install/files/acp/templates/tagAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/tagAdd.tpl
@@ -93,7 +93,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/tagList.tpl b/wcfsetup/install/files/acp/templates/tagList.tpl
index de3c56865e..a3cffac183 100644
--- a/wcfsetup/install/files/acp/templates/tagList.tpl
+++ b/wcfsetup/install/files/acp/templates/tagList.tpl
@@ -48,7 +48,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {/if}
diff --git a/wcfsetup/install/files/acp/templates/templateAdd.tpl b/wcfsetup/install/files/acp/templates/templateAdd.tpl
index 889849eec7..b893bd33ab 100644
--- a/wcfsetup/install/files/acp/templates/templateAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/templateAdd.tpl
@@ -66,7 +66,7 @@
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 			{if $copy}<input type="hidden" name="copy" value="{@$copy}">{/if}
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/templateGroupAdd.tpl b/wcfsetup/install/files/acp/templates/templateGroupAdd.tpl
index 29a6f07203..f8365d8692 100644
--- a/wcfsetup/install/files/acp/templates/templateGroupAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/templateGroupAdd.tpl
@@ -96,7 +96,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/templateList.tpl b/wcfsetup/install/files/acp/templates/templateList.tpl
index df6906e419..3cc59584c7 100644
--- a/wcfsetup/install/files/acp/templates/templateList.tpl
+++ b/wcfsetup/install/files/acp/templates/templateList.tpl
@@ -77,7 +77,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
diff --git a/wcfsetup/install/files/acp/templates/trophyAdd.tpl b/wcfsetup/install/files/acp/templates/trophyAdd.tpl
index 1c636c0563..2bba55b3ca 100644
--- a/wcfsetup/install/files/acp/templates/trophyAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/trophyAdd.tpl
@@ -245,7 +245,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/userActivityPointOption.tpl b/wcfsetup/install/files/acp/templates/userActivityPointOption.tpl
index 80d662fa37..cdaa23b154 100644
--- a/wcfsetup/install/files/acp/templates/userActivityPointOption.tpl
+++ b/wcfsetup/install/files/acp/templates/userActivityPointOption.tpl
@@ -50,7 +50,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userAdd.tpl b/wcfsetup/install/files/acp/templates/userAdd.tpl
index a638a23156..6ffff0b068 100644
--- a/wcfsetup/install/files/acp/templates/userAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userAdd.tpl
@@ -673,7 +673,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userAssignToGroup.tpl b/wcfsetup/install/files/acp/templates/userAssignToGroup.tpl
index 68cc650d47..9235029bad 100644
--- a/wcfsetup/install/files/acp/templates/userAssignToGroup.tpl
+++ b/wcfsetup/install/files/acp/templates/userAssignToGroup.tpl
@@ -48,7 +48,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userContentRevertChanges.tpl b/wcfsetup/install/files/acp/templates/userContentRevertChanges.tpl
index c364452071..aa60a92bfd 100644
--- a/wcfsetup/install/files/acp/templates/userContentRevertChanges.tpl
+++ b/wcfsetup/install/files/acp/templates/userContentRevertChanges.tpl
@@ -51,7 +51,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userEmailAddressExport.tpl b/wcfsetup/install/files/acp/templates/userEmailAddressExport.tpl
index 7e4bd737f6..5045388efb 100644
--- a/wcfsetup/install/files/acp/templates/userEmailAddressExport.tpl
+++ b/wcfsetup/install/files/acp/templates/userEmailAddressExport.tpl
@@ -65,7 +65,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userGroupAdd.tpl b/wcfsetup/install/files/acp/templates/userGroupAdd.tpl
index f2f535d85f..a01205c89b 100644
--- a/wcfsetup/install/files/acp/templates/userGroupAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userGroupAdd.tpl
@@ -215,7 +215,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="action" value="{@$action}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userGroupAssignmentAdd.tpl b/wcfsetup/install/files/acp/templates/userGroupAssignmentAdd.tpl
index 920154e47d..4c06fb2bd7 100644
--- a/wcfsetup/install/files/acp/templates/userGroupAssignmentAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userGroupAssignmentAdd.tpl
@@ -76,7 +76,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="action" value="{@$action}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userGroupOption.tpl b/wcfsetup/install/files/acp/templates/userGroupOption.tpl
index 9b5031d904..07158c4cbf 100644
--- a/wcfsetup/install/files/acp/templates/userGroupOption.tpl
+++ b/wcfsetup/install/files/acp/templates/userGroupOption.tpl
@@ -144,7 +144,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userMail.tpl b/wcfsetup/install/files/acp/templates/userMail.tpl
index 8cc0673d89..f5140622ca 100644
--- a/wcfsetup/install/files/acp/templates/userMail.tpl
+++ b/wcfsetup/install/files/acp/templates/userMail.tpl
@@ -155,7 +155,7 @@
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 		<input type="hidden" name="action" value="{@$action}">
 		<input type="hidden" name="userIDs" value="{implode from=$userIDs item=userID glue=','}{@$userID}{/implode}">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userMerge.tpl b/wcfsetup/install/files/acp/templates/userMerge.tpl
index 7cee84834e..c04b6e762e 100644
--- a/wcfsetup/install/files/acp/templates/userMerge.tpl
+++ b/wcfsetup/install/files/acp/templates/userMerge.tpl
@@ -58,7 +58,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userOptionAdd.tpl b/wcfsetup/install/files/acp/templates/userOptionAdd.tpl
index 30517b4aa1..01c50aed84 100644
--- a/wcfsetup/install/files/acp/templates/userOptionAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userOptionAdd.tpl
@@ -221,7 +221,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/userOptionCategoryAdd.tpl b/wcfsetup/install/files/acp/templates/userOptionCategoryAdd.tpl
index d1a5fdbcc8..22df9d4b35 100644
--- a/wcfsetup/install/files/acp/templates/userOptionCategoryAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userOptionCategoryAdd.tpl
@@ -50,7 +50,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userOptionSetDefaults.tpl b/wcfsetup/install/files/acp/templates/userOptionSetDefaults.tpl
index 80c0012f54..d6687aca0c 100644
--- a/wcfsetup/install/files/acp/templates/userOptionSetDefaults.tpl
+++ b/wcfsetup/install/files/acp/templates/userOptionSetDefaults.tpl
@@ -50,7 +50,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/userRankAdd.tpl b/wcfsetup/install/files/acp/templates/userRankAdd.tpl
index 97bb4bc765..dfc5b03d4d 100644
--- a/wcfsetup/install/files/acp/templates/userRankAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userRankAdd.tpl
@@ -204,7 +204,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userSearch.tpl b/wcfsetup/install/files/acp/templates/userSearch.tpl
index eb9e6216ef..05d08fc318 100644
--- a/wcfsetup/install/files/acp/templates/userSearch.tpl
+++ b/wcfsetup/install/files/acp/templates/userSearch.tpl
@@ -128,7 +128,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-		{@SECURITY_TOKEN_INPUT_TAG}
+		{csrfToken}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userTrophyAdd.tpl b/wcfsetup/install/files/acp/templates/userTrophyAdd.tpl
index 769d093416..186e3392f1 100644
--- a/wcfsetup/install/files/acp/templates/userTrophyAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userTrophyAdd.tpl
@@ -132,7 +132,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/userTrophyList.tpl b/wcfsetup/install/files/acp/templates/userTrophyList.tpl
index 377a573d3a..2fb69913f2 100644
--- a/wcfsetup/install/files/acp/templates/userTrophyList.tpl
+++ b/wcfsetup/install/files/acp/templates/userTrophyList.tpl
@@ -58,7 +58,7 @@
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s">
 
-			{@SECURITY_TOKEN_INPUT_TAG}
+			{csrfToken}
 		</div>
 	</section>
 </form>
-- 
2.20.1