diff options
| author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-06-23 10:03:05 +0000 |
|---|---|---|
| committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-06-23 10:03:05 +0000 |
| commit | 029cb4bebc0d9ef7a0f60a402406633e2995dea5 (patch) | |
| tree | 53ff94a19417816e7aabedd704cf238a6efe11b3 | |
| parent | 027c6c8f5c38670c46a083e6221d22a3487484aa (diff) | |
| download | elgg-029cb4bebc0d9ef7a0f60a402406633e2995dea5.tar.gz elgg-029cb4bebc0d9ef7a0f60a402406633e2995dea5.tar.bz2 | |
Action gatekeeper added to add and remove friends.
git-svn-id: https://code.elgg.org/elgg/trunk@3349 36083f99-b078-4883-b0ff-0f9b5a30f544
| -rw-r--r-- | actions/friends/add.php | 3 | ||||
| -rw-r--r-- | actions/friends/remove.php | 3 | ||||
| -rw-r--r-- | mod/profile/views/default/profile/menu/actions.php | 10 |
3 files changed, 11 insertions, 5 deletions
diff --git a/actions/friends/add.php b/actions/friends/add.php index 9dd8397bc..74238b3a0 100644 --- a/actions/friends/add.php +++ b/actions/friends/add.php @@ -12,7 +12,8 @@ */
// Ensure we are logged in
- gatekeeper();
+ gatekeeper(); + action_gatekeeper();
// Get the GUID of the user to friend
$friend_guid = get_input('friend');
diff --git a/actions/friends/remove.php b/actions/friends/remove.php index debb0f7c2..ef0cdb46e 100644 --- a/actions/friends/remove.php +++ b/actions/friends/remove.php @@ -12,7 +12,8 @@ */
// Ensure we are logged in
- gatekeeper();
+ gatekeeper(); + action_gatekeeper();
// Get the GUID of the user to friend
$friend_guid = get_input('friend');
diff --git a/mod/profile/views/default/profile/menu/actions.php b/mod/profile/views/default/profile/menu/actions.php index d348831c1..2c26e2814 100644 --- a/mod/profile/views/default/profile/menu/actions.php +++ b/mod/profile/views/default/profile/menu/actions.php @@ -13,11 +13,15 @@ */
if (isloggedin()) {
- if ($_SESSION['user']->getGUID() != $vars['entity']->getGUID()) {
+ if ($_SESSION['user']->getGUID() != $vars['entity']->getGUID()) { + + $ts = time(); + $token = generate_action_token($ts); +
if ($vars['entity']->isFriend()) {
- echo "<p class=\"user_menu_removefriend\"><a href=\"{$vars['url']}action/friends/remove?friend={$vars['entity']->getGUID()}\">" . elgg_echo("friend:remove") . "</a></p>";
+ echo "<p class=\"user_menu_removefriend\"><a href=\"{$vars['url']}action/friends/remove?friend={$vars['entity']->getGUID()}&__elgg_token=$token&__elgg_ts=$ts\">" . elgg_echo("friend:remove") . "</a></p>";
} else {
- echo "<p class=\"user_menu_addfriend\"><a href=\"{$vars['url']}action/friends/add?friend={$vars['entity']->getGUID()}\">" . elgg_echo("friend:add") . "</a></p>";
+ echo "<p class=\"user_menu_addfriend\"><a href=\"{$vars['url']}action/friends/add?friend={$vars['entity']->getGUID()}&__elgg_token=$token&__elgg_ts=$ts\">" . elgg_echo("friend:add") . "</a></p>";
}
}
}
|