From ee629b229f7cda133ed1187d52a2709758c4b201 Mon Sep 17 00:00:00 2001
From: Alexander Ebert <ebert@woltlab.com>
Date: Thu, 3 Oct 2013 12:37:17 +0200
Subject: [PATCH] CSRF protection for forms

---
 com.woltlab.wcf/templates/accountManagement.tpl           | 6 ++----
 com.woltlab.wcf/templates/disclaimer.tpl                  | 5 ++---
 com.woltlab.wcf/templates/emailActivation.tpl             | 5 ++---
 com.woltlab.wcf/templates/emailNewActivationCode.tpl      | 5 ++---
 com.woltlab.wcf/templates/login.tpl                       | 5 ++---
 com.woltlab.wcf/templates/lostPassword.tpl                | 5 ++---
 com.woltlab.wcf/templates/mail.tpl                        | 5 ++---
 com.woltlab.wcf/templates/membersList.tpl                 | 1 +
 com.woltlab.wcf/templates/moderationActivation.tpl        | 3 +++
 com.woltlab.wcf/templates/moderationReport.tpl            | 3 +++
 com.woltlab.wcf/templates/newPassword.tpl                 | 5 ++---
 com.woltlab.wcf/templates/notificationSettings.tpl        | 5 ++---
 com.woltlab.wcf/templates/register.tpl                    | 5 ++---
 com.woltlab.wcf/templates/registerActivation.tpl          | 5 ++---
 com.woltlab.wcf/templates/registerNewActivationCode.tpl   | 5 ++---
 com.woltlab.wcf/templates/search.tpl                      | 5 ++---
 com.woltlab.wcf/templates/searchArea.tpl                  | 1 +
 com.woltlab.wcf/templates/signatureEdit.tpl               | 5 ++---
 com.woltlab.wcf/templates/userPanel.tpl                   | 1 +
 com.woltlab.wcf/templates/userSearch.tpl                  | 3 +++
 com.woltlab.wcf/templates/usersOnlineList.tpl             | 1 +
 wcfsetup/install/files/acp/templates/applicationEdit.tpl  | 5 ++---
 wcfsetup/install/files/acp/templates/attachmentList.tpl   | 3 +++
 wcfsetup/install/files/acp/templates/bbcodeAdd.tpl        | 6 +++---
 .../files/acp/templates/bbcodeMediaProviderAdd.tpl        | 5 ++---
 wcfsetup/install/files/acp/templates/categoryAdd.tpl      | 5 ++---
 wcfsetup/install/files/acp/templates/cronjobAdd.tpl       | 5 ++---
 wcfsetup/install/files/acp/templates/dataImport.tpl       | 8 ++++----
 wcfsetup/install/files/acp/templates/exceptionLogView.tpl | 3 +++
 wcfsetup/install/files/acp/templates/labelAdd.tpl         | 5 ++---
 wcfsetup/install/files/acp/templates/labelGroupAdd.tpl    | 5 ++---
 wcfsetup/install/files/acp/templates/languageAdd.tpl      | 5 ++---
 wcfsetup/install/files/acp/templates/languageExport.tpl   | 5 ++---
 wcfsetup/install/files/acp/templates/languageImport.tpl   | 5 ++---
 wcfsetup/install/files/acp/templates/languageItemList.tpl | 3 +++
 .../files/acp/templates/languageMultilingualism.tpl       | 5 ++---
 .../install/files/acp/templates/languageServerAdd.tpl     | 5 ++---
 wcfsetup/install/files/acp/templates/login.tpl            | 5 ++---
 wcfsetup/install/files/acp/templates/masterPassword.tpl   | 5 ++---
 wcfsetup/install/files/acp/templates/option.tpl           | 5 ++---
 wcfsetup/install/files/acp/templates/optionImport.tpl     | 5 ++---
 .../install/files/acp/templates/packageStartInstall.tpl   | 5 ++---
 .../files/acp/templates/packageUpdateServerAdd.tpl        | 5 ++---
 wcfsetup/install/files/acp/templates/pageMenuItemAdd.tpl  | 5 ++---
 wcfsetup/install/files/acp/templates/smileyAdd.tpl        | 5 ++---
 wcfsetup/install/files/acp/templates/styleAdd.tpl         | 5 ++---
 wcfsetup/install/files/acp/templates/styleExport.tpl      | 3 +++
 wcfsetup/install/files/acp/templates/styleImport.tpl      | 3 +++
 wcfsetup/install/files/acp/templates/tagAdd.tpl           | 5 ++---
 wcfsetup/install/files/acp/templates/tagList.tpl          | 3 +++
 wcfsetup/install/files/acp/templates/templateAdd.tpl      | 5 ++---
 wcfsetup/install/files/acp/templates/templateGroupAdd.tpl | 5 ++---
 wcfsetup/install/files/acp/templates/templateList.tpl     | 3 +++
 .../files/acp/templates/userActivityPointOption.tpl       | 5 ++---
 wcfsetup/install/files/acp/templates/userAdd.tpl          | 5 ++---
 .../install/files/acp/templates/userAssignToGroup.tpl     | 5 ++---
 .../install/files/acp/templates/userBulkProcessing.tpl    | 5 ++---
 .../files/acp/templates/userEmailAddressExport.tpl        | 3 +++
 wcfsetup/install/files/acp/templates/userGroupAdd.tpl     | 5 ++---
 wcfsetup/install/files/acp/templates/userGroupOption.tpl  | 3 +++
 wcfsetup/install/files/acp/templates/userMail.tpl         | 5 ++---
 wcfsetup/install/files/acp/templates/userMerge.tpl        | 5 ++---
 wcfsetup/install/files/acp/templates/userOptionAdd.tpl    | 5 ++---
 .../install/files/acp/templates/userOptionCategoryAdd.tpl | 5 ++---
 .../install/files/acp/templates/userOptionSetDefaults.tpl | 5 ++---
 wcfsetup/install/files/acp/templates/userRankAdd.tpl      | 5 ++---
 wcfsetup/install/files/acp/templates/userSearch.tpl       | 3 +++
 67 files changed, 146 insertions(+), 152 deletions(-)

diff --git a/com.woltlab.wcf/templates/accountManagement.tpl b/com.woltlab.wcf/templates/accountManagement.tpl
index 8056baf774..a090721e04 100644
--- a/com.woltlab.wcf/templates/accountManagement.tpl
+++ b/com.woltlab.wcf/templates/accountManagement.tpl
@@ -18,9 +18,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <p class="warning">{lang}wcf.user.accountManagement.warning{/lang}</p>
 
@@ -289,8 +287,8 @@
 	</div>
 	
 	<div class="formSubmit">
-		{@SECURITY_TOKEN_INPUT_TAG}
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/disclaimer.tpl b/com.woltlab.wcf/templates/disclaimer.tpl
index 5cdb0bc74e..22e25911ec 100644
--- a/com.woltlab.wcf/templates/disclaimer.tpl
+++ b/com.woltlab.wcf/templates/disclaimer.tpl
@@ -16,9 +16,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -43,6 +41,7 @@
 	<div class="formSubmit">
 		<input type="submit" name="accept" value="{lang}wcf.user.register.disclaimer.accept{/lang}" accesskey="s" />
 		<a class="button" href="{link}{/link}">{lang}wcf.user.register.disclaimer.decline{/lang}</a>
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 	{/if}
 </form>
diff --git a/com.woltlab.wcf/templates/emailActivation.tpl b/com.woltlab.wcf/templates/emailActivation.tpl
index e0383c1df8..da398c23c6 100644
--- a/com.woltlab.wcf/templates/emailActivation.tpl
+++ b/com.woltlab.wcf/templates/emailActivation.tpl
@@ -16,9 +16,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -79,6 +77,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/emailNewActivationCode.tpl b/com.woltlab.wcf/templates/emailNewActivationCode.tpl
index 46546ead4d..2958ac6c85 100644
--- a/com.woltlab.wcf/templates/emailNewActivationCode.tpl
+++ b/com.woltlab.wcf/templates/emailNewActivationCode.tpl
@@ -15,9 +15,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -78,6 +76,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/login.tpl b/com.woltlab.wcf/templates/login.tpl
index eb51d0154a..e91de28363 100644
--- a/com.woltlab.wcf/templates/login.tpl
+++ b/com.woltlab.wcf/templates/login.tpl
@@ -24,9 +24,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -153,6 +151,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 		<input type="hidden" name="url" value="{@$url}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/lostPassword.tpl b/com.woltlab.wcf/templates/lostPassword.tpl
index fe8b3a341d..319a90b458 100644
--- a/com.woltlab.wcf/templates/lostPassword.tpl
+++ b/com.woltlab.wcf/templates/lostPassword.tpl
@@ -26,9 +26,7 @@
 
 <p class="info">{lang}wcf.user.lostPassword.description{/lang}</p>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -88,6 +86,7 @@
 		
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/mail.tpl b/com.woltlab.wcf/templates/mail.tpl
index 65d218a17a..5b994a8210 100644
--- a/com.woltlab.wcf/templates/mail.tpl
+++ b/com.woltlab.wcf/templates/mail.tpl
@@ -15,9 +15,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -110,6 +108,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/membersList.tpl b/com.woltlab.wcf/templates/membersList.tpl
index ceed61997d..f9ddba4d31 100644
--- a/com.woltlab.wcf/templates/membersList.tpl
+++ b/com.woltlab.wcf/templates/membersList.tpl
@@ -92,6 +92,7 @@
 			<div class="formSubmit">
 				<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 				<input type="hidden" name="letter" value="{$letter}" />
+				{@SECURITY_TOKEN_INPUT_TAG}
 			</div>
 		</form>
 	</div>
diff --git a/com.woltlab.wcf/templates/moderationActivation.tpl b/com.woltlab.wcf/templates/moderationActivation.tpl
index 3c861e4fe1..95811ab723 100644
--- a/com.woltlab.wcf/templates/moderationActivation.tpl
+++ b/com.woltlab.wcf/templates/moderationActivation.tpl
@@ -30,6 +30,8 @@
 
 {include file='userNotice'}
 
+{include file='formError'}
+
 <div class="contentNavigation">
 	<nav>
 		<ul>
@@ -81,6 +83,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" />
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</fieldset>
 	
diff --git a/com.woltlab.wcf/templates/moderationReport.tpl b/com.woltlab.wcf/templates/moderationReport.tpl
index 827473def1..fb2166d4a3 100644
--- a/com.woltlab.wcf/templates/moderationReport.tpl
+++ b/com.woltlab.wcf/templates/moderationReport.tpl
@@ -31,6 +31,8 @@
 
 {include file='userNotice'}
 
+{include file='formError'}
+
 <div class="contentNavigation">
 	<nav>
 		<ul>
@@ -90,6 +92,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" />
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</fieldset>
 	
diff --git a/com.woltlab.wcf/templates/newPassword.tpl b/com.woltlab.wcf/templates/newPassword.tpl
index 23ffb50305..7a54de71b2 100644
--- a/com.woltlab.wcf/templates/newPassword.tpl
+++ b/com.woltlab.wcf/templates/newPassword.tpl
@@ -15,9 +15,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -76,6 +74,7 @@
 		
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/notificationSettings.tpl b/com.woltlab.wcf/templates/notificationSettings.tpl
index 0e1d39889c..cd70385abe 100644
--- a/com.woltlab.wcf/templates/notificationSettings.tpl
+++ b/com.woltlab.wcf/templates/notificationSettings.tpl
@@ -35,9 +35,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.edit{/lang}</p>
@@ -84,6 +82,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/register.tpl b/com.woltlab.wcf/templates/register.tpl
index 075a8061d6..f464fedfb1 100644
--- a/com.woltlab.wcf/templates/register.tpl
+++ b/com.woltlab.wcf/templates/register.tpl
@@ -53,9 +53,7 @@
 	<p class="info">{lang}wcf.user.3rdparty.{$__wcf->session->getVar('__3rdPartyProvider')}.register{/lang}</p>
 {/if}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -248,6 +246,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/registerActivation.tpl b/com.woltlab.wcf/templates/registerActivation.tpl
index e6e62ba98c..266516d433 100644
--- a/com.woltlab.wcf/templates/registerActivation.tpl
+++ b/com.woltlab.wcf/templates/registerActivation.tpl
@@ -17,9 +17,7 @@
 
 {if $__wcf->user->userID && $__wcf->user->activationCode}<p class="info">{lang}wcf.user.registerActivation.info{/lang}</p>{/if}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -80,6 +78,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/registerNewActivationCode.tpl b/com.woltlab.wcf/templates/registerNewActivationCode.tpl
index 5122f84e0a..6d8ee1ca36 100644
--- a/com.woltlab.wcf/templates/registerNewActivationCode.tpl
+++ b/com.woltlab.wcf/templates/registerNewActivationCode.tpl
@@ -15,9 +15,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 	
 <div class="contentNavigation">
 	{hascontent}
@@ -91,6 +89,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/search.tpl b/com.woltlab.wcf/templates/search.tpl
index 1c671f1d51..11ecc2ba36 100644
--- a/com.woltlab.wcf/templates/search.tpl
+++ b/com.woltlab.wcf/templates/search.tpl
@@ -16,9 +16,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $errorMessage|isset}
 	<p class="error">{@$errorMessage}</p>
@@ -128,6 +126,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/searchArea.tpl b/com.woltlab.wcf/templates/searchArea.tpl
index 96c18e6d23..e16ff8ce5c 100644
--- a/com.woltlab.wcf/templates/searchArea.tpl
+++ b/com.woltlab.wcf/templates/searchArea.tpl
@@ -22,6 +22,7 @@
 		</ul>
 		
 		{@$__searchHiddenInputFields}
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</form>
 </aside>
 
diff --git a/com.woltlab.wcf/templates/signatureEdit.tpl b/com.woltlab.wcf/templates/signatureEdit.tpl
index 4b825d9b24..c456d63203 100644
--- a/com.woltlab.wcf/templates/signatureEdit.tpl
+++ b/com.woltlab.wcf/templates/signatureEdit.tpl
@@ -30,9 +30,7 @@
 
 {include file='userNotice'}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.edit{/lang}</p>
@@ -103,6 +101,7 @@
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 			<button id="previewButton" class="jsOnly" accesskey="p">{lang}wcf.global.button.preview{/lang}</button>
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	{/if}
 </form>
diff --git a/com.woltlab.wcf/templates/userPanel.tpl b/com.woltlab.wcf/templates/userPanel.tpl
index 194b1d3300..b7ef9ad730 100644
--- a/com.woltlab.wcf/templates/userPanel.tpl
+++ b/com.woltlab.wcf/templates/userPanel.tpl
@@ -122,6 +122,7 @@
 						<div class="formSubmit">
 							<input type="submit" id="loginSubmitButton" name="submitButton" value="{lang}wcf.user.button.login{/lang}" accesskey="s" />
 							<input type="hidden" name="url" value="{$__wcf->session->requestURI}" />
+							{@SECURITY_TOKEN_INPUT_TAG}
 						</div>
 					</fieldset>
 					
diff --git a/com.woltlab.wcf/templates/userSearch.tpl b/com.woltlab.wcf/templates/userSearch.tpl
index b463664878..5a905730d4 100644
--- a/com.woltlab.wcf/templates/userSearch.tpl
+++ b/com.woltlab.wcf/templates/userSearch.tpl
@@ -28,6 +28,8 @@
 
 {include file='userNotice'}
 
+{include file='formError'}
+
 {if $errorField == 'search'}
 	<p class="error">{lang}wcf.user.search.error.noMatches{/lang}</p>
 {/if}
@@ -73,6 +75,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/com.woltlab.wcf/templates/usersOnlineList.tpl b/com.woltlab.wcf/templates/usersOnlineList.tpl
index 27e2255f86..5f426b2204 100644
--- a/com.woltlab.wcf/templates/usersOnlineList.tpl
+++ b/com.woltlab.wcf/templates/usersOnlineList.tpl
@@ -59,6 +59,7 @@
 			
 			<div class="formSubmit">
 				<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+				{@SECURITY_TOKEN_INPUT_TAG}
 			</div>
 		</form>
 	</div>
diff --git a/wcfsetup/install/files/acp/templates/applicationEdit.tpl b/wcfsetup/install/files/acp/templates/applicationEdit.tpl
index 94eb26d3c9..cf269da04a 100644
--- a/wcfsetup/install/files/acp/templates/applicationEdit.tpl
+++ b/wcfsetup/install/files/acp/templates/applicationEdit.tpl
@@ -19,9 +19,7 @@
 	<h1>{lang}wcf.acp.application.edit.title{/lang}{if $application->isPrimary} <span class="icon icon16 icon-ok-sign jsTooltip" title="{lang}wcf.acp.application.primaryApplication{/lang}"></span>{/if}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.edit{/lang}</p>
@@ -127,6 +125,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/attachmentList.tpl b/wcfsetup/install/files/acp/templates/attachmentList.tpl
index 91b6a097ba..6e106bcd46 100644
--- a/wcfsetup/install/files/acp/templates/attachmentList.tpl
+++ b/wcfsetup/install/files/acp/templates/attachmentList.tpl
@@ -15,6 +15,8 @@
 	<p>{lang}wcf.acp.attachment.stats{/lang}</p>
 </header>
 
+{include file='formError'}
+
 <form method="post" action="{link controller='AttachmentList'}{/link}">
 	<div class="container containerPadding marginTop">
 		<fieldset>
@@ -48,6 +50,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/bbcodeAdd.tpl b/wcfsetup/install/files/acp/templates/bbcodeAdd.tpl
index 3f592f28a2..b8d8731368 100644
--- a/wcfsetup/install/files/acp/templates/bbcodeAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/bbcodeAdd.tpl
@@ -35,6 +35,7 @@
 		{event name='attributeFields'}
 	</fieldset>
 {/capture}
+
 <script data-relocate="true">
 //<![CDATA[
 	$(function() {
@@ -78,9 +79,7 @@
 	<p class="info">{lang}wcf.acp.bbcode.add.userGroupOptionInfo{/lang}</p>
 {/if}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -269,6 +268,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/bbcodeMediaProviderAdd.tpl b/wcfsetup/install/files/acp/templates/bbcodeMediaProviderAdd.tpl
index 12bb93e2ea..c2febc3ae1 100644
--- a/wcfsetup/install/files/acp/templates/bbcodeMediaProviderAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/bbcodeMediaProviderAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.bbcode.mediaProvider.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -85,6 +83,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/categoryAdd.tpl b/wcfsetup/install/files/acp/templates/categoryAdd.tpl
index d8eda3853b..ddb80a44cf 100644
--- a/wcfsetup/install/files/acp/templates/categoryAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/categoryAdd.tpl
@@ -19,9 +19,7 @@
 	<h1>{@$objectType->getProcessor()->getLanguageVariable($action)}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{@$action}{/lang}</p>
@@ -169,6 +167,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
  	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/cronjobAdd.tpl b/wcfsetup/install/files/acp/templates/cronjobAdd.tpl
index bb694b42e6..545fc8bc42 100644
--- a/wcfsetup/install/files/acp/templates/cronjobAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/cronjobAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.cronjob.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <p class="info">{lang}wcf.acp.cronjob.intro{/lang}</p>
 
@@ -141,6 +139,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/dataImport.tpl b/wcfsetup/install/files/acp/templates/dataImport.tpl
index 233a16d3ac..064362928c 100644
--- a/wcfsetup/install/files/acp/templates/dataImport.tpl
+++ b/wcfsetup/install/files/acp/templates/dataImport.tpl
@@ -42,9 +42,7 @@
 	{/if}
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $showInnoDBWarning}
 	<p class="warning">{lang}wcf.acp.index.innoDBWarning{/lang}</p>
@@ -123,8 +121,9 @@
 			</div>
 		
 			<div class="formSubmit">
-				{@SID_INPUT_TAG}
 				<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+				{@SID_INPUT_TAG}
+				{@SECURITY_TOKEN_INPUT_TAG}
 			</div>
 		</form>
 	{/if}
@@ -234,6 +233,7 @@
 		<div class="formSubmit">
 			<input type="hidden" name="exporterName" value="{$exporterName}" />
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</form>
 {/if}
diff --git a/wcfsetup/install/files/acp/templates/exceptionLogView.tpl b/wcfsetup/install/files/acp/templates/exceptionLogView.tpl
index 338c9b9524..b11df8b527 100644
--- a/wcfsetup/install/files/acp/templates/exceptionLogView.tpl
+++ b/wcfsetup/install/files/acp/templates/exceptionLogView.tpl
@@ -24,6 +24,8 @@
 	<h1>{lang}wcf.acp.exceptionLog{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 {if !$logFiles|empty}
 	<form method="get" action="{link controller='ExceptionLogView'}{/link}">
 		<div class="container containerPadding marginTop">
@@ -48,6 +50,7 @@
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 			{@SID_INPUT_TAG}
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</form>
 {/if}
diff --git a/wcfsetup/install/files/acp/templates/labelAdd.tpl b/wcfsetup/install/files/acp/templates/labelAdd.tpl
index 9f3915f6e9..3a49b3f053 100644
--- a/wcfsetup/install/files/acp/templates/labelAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/labelAdd.tpl
@@ -21,9 +21,7 @@
 	<h1>{lang}wcf.acp.label.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -118,6 +116,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/labelGroupAdd.tpl b/wcfsetup/install/files/acp/templates/labelGroupAdd.tpl
index a54204a4e2..a1d9bc42e8 100644
--- a/wcfsetup/install/files/acp/templates/labelGroupAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/labelGroupAdd.tpl
@@ -22,9 +22,7 @@
 	<h1>{lang}wcf.acp.label.group.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -116,6 +114,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageAdd.tpl b/wcfsetup/install/files/acp/templates/languageAdd.tpl
index 7992d9e389..b7c272a2cd 100644
--- a/wcfsetup/install/files/acp/templates/languageAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/languageAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.language.{@$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{@$action}{/lang}</p>
@@ -109,6 +107,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
  	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageExport.tpl b/wcfsetup/install/files/acp/templates/languageExport.tpl
index 46fd1755ae..4256e84571 100644
--- a/wcfsetup/install/files/acp/templates/languageExport.tpl
+++ b/wcfsetup/install/files/acp/templates/languageExport.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.language.export{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.acp.language.add.success{/lang}</p>
@@ -63,6 +61,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" accesskey="s" value="{lang}wcf.global.button.submit{/lang}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageImport.tpl b/wcfsetup/install/files/acp/templates/languageImport.tpl
index 0f26c3be81..6bcc872eb1 100644
--- a/wcfsetup/install/files/acp/templates/languageImport.tpl
+++ b/wcfsetup/install/files/acp/templates/languageImport.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.language.import{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.add{/lang}</p>
@@ -64,6 +62,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
  	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageItemList.tpl b/wcfsetup/install/files/acp/templates/languageItemList.tpl
index df962b3f48..3daf88239e 100644
--- a/wcfsetup/install/files/acp/templates/languageItemList.tpl
+++ b/wcfsetup/install/files/acp/templates/languageItemList.tpl
@@ -13,6 +13,8 @@
 	<h1>{lang}wcf.acp.language.item.list{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 <form method="post" action="{link controller='LanguageItemList'}{/link}">
 	<div class="container containerPadding marginTop">
 		<fieldset>
@@ -66,6 +68,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageMultilingualism.tpl b/wcfsetup/install/files/acp/templates/languageMultilingualism.tpl
index 801dd15364..fbe44d9365 100644
--- a/wcfsetup/install/files/acp/templates/languageMultilingualism.tpl
+++ b/wcfsetup/install/files/acp/templates/languageMultilingualism.tpl
@@ -14,9 +14,7 @@
 	<h1>{lang}wcf.acp.language.multilingualism{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.edit{/lang}</p>
@@ -63,6 +61,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" accesskey="s" value="{lang}wcf.global.button.submit{/lang}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
  	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/languageServerAdd.tpl b/wcfsetup/install/files/acp/templates/languageServerAdd.tpl
index cd7ed2ed97..970cbf20f2 100644
--- a/wcfsetup/install/files/acp/templates/languageServerAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/languageServerAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.languageServer.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.acp.languageServer.{$action}.success{/lang}</p>
@@ -49,6 +47,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
  	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/login.tpl b/wcfsetup/install/files/acp/templates/login.tpl
index 162c574b4d..7ceeacac06 100644
--- a/wcfsetup/install/files/acp/templates/login.tpl
+++ b/wcfsetup/install/files/acp/templates/login.tpl
@@ -17,9 +17,7 @@
 	<h1>{@$pageTitle|language}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <form method="post" action="{link controller='Login'}{/link}">
 	<div class="container containerPadding marginTop">
@@ -65,6 +63,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 		<input type="hidden" name="url" value="{$url}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/masterPassword.tpl b/wcfsetup/install/files/acp/templates/masterPassword.tpl
index 3e313a62bb..3c3ddcfccf 100644
--- a/wcfsetup/install/files/acp/templates/masterPassword.tpl
+++ b/wcfsetup/install/files/acp/templates/masterPassword.tpl
@@ -12,9 +12,7 @@
 	<h1>{lang}wcf.acp.masterPassword.enter{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <form method="post" action="{link controller='MasterPassword'}{/link}">
 	<div class="container containerPadding marginTop">
@@ -47,6 +45,7 @@
 	<div class="formSubmit">
 		<input type="submit" name="submitButton" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 		<input type="hidden" name="url" value="{$url}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/option.tpl b/wcfsetup/install/files/acp/templates/option.tpl
index 0984f8686e..4d82259f6b 100644
--- a/wcfsetup/install/files/acp/templates/option.tpl
+++ b/wcfsetup/install/files/acp/templates/option.tpl
@@ -33,9 +33,7 @@
 	<p class="success">{lang}wcf.global.success.edit{/lang}</p>
 {/if}
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -84,6 +82,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" name="__submit" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/optionImport.tpl b/wcfsetup/install/files/acp/templates/optionImport.tpl
index d50346251a..3a6d91509c 100644
--- a/wcfsetup/install/files/acp/templates/optionImport.tpl
+++ b/wcfsetup/install/files/acp/templates/optionImport.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.option.import{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.acp.option.import.success{/lang}</p>
@@ -54,6 +52,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" name="submitButton" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/packageStartInstall.tpl b/wcfsetup/install/files/acp/templates/packageStartInstall.tpl
index 686ef9edbb..d447d99a0f 100644
--- a/wcfsetup/install/files/acp/templates/packageStartInstall.tpl
+++ b/wcfsetup/install/files/acp/templates/packageStartInstall.tpl
@@ -24,9 +24,7 @@
 	<h1>{lang}{@$pageTitle}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	<nav>
@@ -126,6 +124,7 @@
 			<div class="formSubmit">
 				<input type="submit" name="submitButton" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 				<input type="hidden" name="action" value="{$action}" />
+				{@SECURITY_TOKEN_INPUT_TAG}
 			</div>
 		</form>
 	</div>
diff --git a/wcfsetup/install/files/acp/templates/packageUpdateServerAdd.tpl b/wcfsetup/install/files/acp/templates/packageUpdateServerAdd.tpl
index 60c5f59957..9cff933b14 100644
--- a/wcfsetup/install/files/acp/templates/packageUpdateServerAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/packageUpdateServerAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.updateServer.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $packageUpdateServer|isset && $packageUpdateServer->errorMessage}
 	<p class="warning">{lang}wcf.acp.updateServer.lastErrorMessage{/lang}<br />{$packageUpdateServer->errorMessage}</p>
@@ -71,6 +69,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/pageMenuItemAdd.tpl b/wcfsetup/install/files/acp/templates/pageMenuItemAdd.tpl
index 920a4a82b7..88d3b3c8f6 100644
--- a/wcfsetup/install/files/acp/templates/pageMenuItemAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/pageMenuItemAdd.tpl
@@ -45,9 +45,7 @@
 	<h1>{lang}wcf.acp.pageMenu.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -219,6 +217,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/smileyAdd.tpl b/wcfsetup/install/files/acp/templates/smileyAdd.tpl
index 1bb3add649..389bea960f 100644
--- a/wcfsetup/install/files/acp/templates/smileyAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/smileyAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.smiley.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -133,6 +131,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/styleAdd.tpl b/wcfsetup/install/files/acp/templates/styleAdd.tpl
index b2b7adbec1..8c97571e9d 100644
--- a/wcfsetup/install/files/acp/templates/styleAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/styleAdd.tpl
@@ -63,9 +63,7 @@
 	{if $action == 'edit'}<p>{$styleName}</p>{/if}
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -569,6 +567,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 		<input type="hidden" name="tmpHash" value="{$tmpHash}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/styleExport.tpl b/wcfsetup/install/files/acp/templates/styleExport.tpl
index da1d745a67..e34fd66634 100644
--- a/wcfsetup/install/files/acp/templates/styleExport.tpl
+++ b/wcfsetup/install/files/acp/templates/styleExport.tpl
@@ -19,6 +19,8 @@
 	<h1>{lang}wcf.acp.style.exportStyle{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 <div class="contentNavigation">
 	<nav>
 		<ul>
@@ -88,6 +90,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.acp.style.button.exportStyle{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/styleImport.tpl b/wcfsetup/install/files/acp/templates/styleImport.tpl
index eabeba1a58..396e3dd31b 100644
--- a/wcfsetup/install/files/acp/templates/styleImport.tpl
+++ b/wcfsetup/install/files/acp/templates/styleImport.tpl
@@ -4,6 +4,8 @@
 	<h1>{lang}wcf.acp.style.importStyle{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.add{/lang}</p>
 {/if}
@@ -48,6 +50,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" name="submitButton" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/tagAdd.tpl b/wcfsetup/install/files/acp/templates/tagAdd.tpl
index 7189b2d72e..b3df2a06d8 100644
--- a/wcfsetup/install/files/acp/templates/tagAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/tagAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.tag.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -108,6 +106,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/tagList.tpl b/wcfsetup/install/files/acp/templates/tagList.tpl
index 29309338d5..ae0de50e48 100644
--- a/wcfsetup/install/files/acp/templates/tagList.tpl
+++ b/wcfsetup/install/files/acp/templates/tagList.tpl
@@ -12,6 +12,8 @@
 	<h1>{lang}wcf.acp.tag.list{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 {if $items}
 	<form action="{link controller='TagList'}{/link}">
 		<div class="container containerPadding marginTop">
@@ -30,6 +32,7 @@
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 			{@SID_INPUT_TAG}
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</form>
 {/if}
diff --git a/wcfsetup/install/files/acp/templates/templateAdd.tpl b/wcfsetup/install/files/acp/templates/templateAdd.tpl
index c422f09f25..79ba374276 100644
--- a/wcfsetup/install/files/acp/templates/templateAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/templateAdd.tpl
@@ -5,9 +5,7 @@
 	{if $action == 'edit'}<p>{$template->getPath()}</p>{/if}
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -79,6 +77,7 @@
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 			{if $copy}<input type="hidden" name="copy" value="{@$copy}" />{/if}
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/templateGroupAdd.tpl b/wcfsetup/install/files/acp/templates/templateGroupAdd.tpl
index 4d5ae54ae5..3212832a7b 100644
--- a/wcfsetup/install/files/acp/templates/templateGroupAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/templateGroupAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.template.group.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -81,6 +79,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/templateList.tpl b/wcfsetup/install/files/acp/templates/templateList.tpl
index e9203e7043..de7a0d7f61 100644
--- a/wcfsetup/install/files/acp/templates/templateList.tpl
+++ b/wcfsetup/install/files/acp/templates/templateList.tpl
@@ -24,6 +24,8 @@
 	<h1>{lang}wcf.acp.template.list{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 <form method="post" action="{link controller='TemplateList'}{/link}">
 	<div class="container containerPadding marginTop">
 		<fieldset>
@@ -64,6 +66,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userActivityPointOption.tpl b/wcfsetup/install/files/acp/templates/userActivityPointOption.tpl
index ea7460dc38..38fe89c27c 100644
--- a/wcfsetup/install/files/acp/templates/userActivityPointOption.tpl
+++ b/wcfsetup/install/files/acp/templates/userActivityPointOption.tpl
@@ -14,9 +14,7 @@
 	<h1>{lang}wcf.acp.user.activityPoint.option{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.edit{/lang}</p>
@@ -54,6 +52,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userAdd.tpl b/wcfsetup/install/files/acp/templates/userAdd.tpl
index 5bed3a254b..b75b609a56 100644
--- a/wcfsetup/install/files/acp/templates/userAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userAdd.tpl
@@ -13,9 +13,7 @@
 	{if $action == 'edit'}<p>{$user->username}</p>{/if}
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $userID|isset && $__wcf->user->userID == $userID}
 	<p class="warning">{lang}wcf.acp.user.edit.warning.selfEdit{/lang}</p>
@@ -416,6 +414,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userAssignToGroup.tpl b/wcfsetup/install/files/acp/templates/userAssignToGroup.tpl
index 5f631f964f..4dd485f3df 100644
--- a/wcfsetup/install/files/acp/templates/userAssignToGroup.tpl
+++ b/wcfsetup/install/files/acp/templates/userAssignToGroup.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.user.assignToGroup{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -54,6 +52,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userBulkProcessing.tpl b/wcfsetup/install/files/acp/templates/userBulkProcessing.tpl
index 8aee0224ef..13ca916e7f 100644
--- a/wcfsetup/install/files/acp/templates/userBulkProcessing.tpl
+++ b/wcfsetup/install/files/acp/templates/userBulkProcessing.tpl
@@ -76,9 +76,7 @@
 	<h1>{lang}wcf.acp.user.bulkProcessing{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <p class="warning">{lang}wcf.acp.user.bulkProcessing.warning{/lang}</p>
 
@@ -336,6 +334,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userEmailAddressExport.tpl b/wcfsetup/install/files/acp/templates/userEmailAddressExport.tpl
index a5c23819fd..89dc72ee21 100644
--- a/wcfsetup/install/files/acp/templates/userEmailAddressExport.tpl
+++ b/wcfsetup/install/files/acp/templates/userEmailAddressExport.tpl
@@ -12,6 +12,8 @@
 	<h1>{lang}wcf.acp.user.exportEmailAddress{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 <div class="contentNavigation">
 	{hascontent}
 		<nav>
@@ -69,6 +71,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userGroupAdd.tpl b/wcfsetup/install/files/acp/templates/userGroupAdd.tpl
index ad9b098d67..9a27edbfdd 100644
--- a/wcfsetup/install/files/acp/templates/userGroupAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userGroupAdd.tpl
@@ -13,9 +13,7 @@
 	<h1>{lang}wcf.acp.group.{@$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $warningSelfEdit|isset}
 	<p class="warning">{lang}wcf.acp.group.edit.warning.selfIsMember{/lang}</p>
@@ -178,6 +176,7 @@
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 		<input type="hidden" name="action" value="{@$action}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userGroupOption.tpl b/wcfsetup/install/files/acp/templates/userGroupOption.tpl
index cf08e24b53..3bd1d90fe3 100644
--- a/wcfsetup/install/files/acp/templates/userGroupOption.tpl
+++ b/wcfsetup/install/files/acp/templates/userGroupOption.tpl
@@ -15,6 +15,8 @@
 	<h1>{lang}wcf.acp.group.option.editingOption{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.edit{/lang}</p>
 {/if}
@@ -55,6 +57,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userMail.tpl b/wcfsetup/install/files/acp/templates/userMail.tpl
index fd83c4c004..174d7eb53f 100644
--- a/wcfsetup/install/files/acp/templates/userMail.tpl
+++ b/wcfsetup/install/files/acp/templates/userMail.tpl
@@ -24,9 +24,7 @@
 	<h1>{lang}{@$pageTitle}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	<nav>
@@ -145,6 +143,7 @@
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
 		<input type="hidden" name="action" value="{@$action}" />
 		<input type="hidden" name="userIDs" value="{implode from=$userIDs item=userID glue=','}{@$userID}{/implode}" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userMerge.tpl b/wcfsetup/install/files/acp/templates/userMerge.tpl
index a57a25ce36..a6095b48e9 100644
--- a/wcfsetup/install/files/acp/templates/userMerge.tpl
+++ b/wcfsetup/install/files/acp/templates/userMerge.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.user.merge{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 <div class="contentNavigation">
 	{hascontent}
@@ -62,6 +60,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userOptionAdd.tpl b/wcfsetup/install/files/acp/templates/userOptionAdd.tpl
index aac12d8cf1..5ed66f8c05 100644
--- a/wcfsetup/install/files/acp/templates/userOptionAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userOptionAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.user.option.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -223,6 +221,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/userOptionCategoryAdd.tpl b/wcfsetup/install/files/acp/templates/userOptionCategoryAdd.tpl
index ef9abe89b7..9a1033bdb0 100644
--- a/wcfsetup/install/files/acp/templates/userOptionCategoryAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userOptionCategoryAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.user.option.category.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -59,6 +57,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userOptionSetDefaults.tpl b/wcfsetup/install/files/acp/templates/userOptionSetDefaults.tpl
index 6b1bba2a82..5b90aca724 100644
--- a/wcfsetup/install/files/acp/templates/userOptionSetDefaults.tpl
+++ b/wcfsetup/install/files/acp/templates/userOptionSetDefaults.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.user.option.setDefaults{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.edit{/lang}</p>
@@ -56,6 +54,7 @@
 		
 		<div class="formSubmit">
 			<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+			{@SECURITY_TOKEN_INPUT_TAG}
 		</div>
 	</form>
 {else}
diff --git a/wcfsetup/install/files/acp/templates/userRankAdd.tpl b/wcfsetup/install/files/acp/templates/userRankAdd.tpl
index 379374ee65..61f37a74b7 100644
--- a/wcfsetup/install/files/acp/templates/userRankAdd.tpl
+++ b/wcfsetup/install/files/acp/templates/userRankAdd.tpl
@@ -4,9 +4,7 @@
 	<h1>{lang}wcf.acp.user.rank.{$action}{/lang}</h1>
 </header>
 
-{if $errorField}
-	<p class="error">{lang}wcf.global.form.error{/lang}</p>
-{/if}
+{include file='formError'}
 
 {if $success|isset}
 	<p class="success">{lang}wcf.global.success.{$action}{/lang}</p>
@@ -176,6 +174,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
diff --git a/wcfsetup/install/files/acp/templates/userSearch.tpl b/wcfsetup/install/files/acp/templates/userSearch.tpl
index d36e368f4f..60e8114082 100644
--- a/wcfsetup/install/files/acp/templates/userSearch.tpl
+++ b/wcfsetup/install/files/acp/templates/userSearch.tpl
@@ -13,6 +13,8 @@
 	<h1>{lang}wcf.acp.user.search{/lang}</h1>
 </header>
 
+{include file='formError'}
+
 {if $errorField == 'search'}
 	<p class="error">{lang}wcf.acp.user.search.error.noMatches{/lang}</p>
 {/if}
@@ -230,6 +232,7 @@
 	
 	<div class="formSubmit">
 		<input type="submit" value="{lang}wcf.global.button.submit{/lang}" accesskey="s" />
+		{@SECURITY_TOKEN_INPUT_TAG}
 	</div>
 </form>
 
-- 
2.20.1