diff options
| author | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-02-26 14:33:17 +0000 |
|---|---|---|
| committer | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-02-26 14:33:17 +0000 |
| commit | 70cdb33ea110da47d2878b737b4f61619915993e (patch) | |
| tree | 3551feeafe14cabc85476235f993df253a976ece /engine/lib/actions.php | |
| parent | 2d9b941d8163565e7738dcde775e35effff6074d (diff) | |
| download | elgg-70cdb33ea110da47d2878b737b4f61619915993e.tar.gz elgg-70cdb33ea110da47d2878b737b4f61619915993e.tar.bz2 | |
Added login to the list of actions not requiring a security token.
git-svn-id: http://code.elgg.org/elgg/trunk@3972 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib/actions.php')
| -rw-r--r-- | engine/lib/actions.php | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/engine/lib/actions.php b/engine/lib/actions.php index 278194ac3..25ef411f6 100644 --- a/engine/lib/actions.php +++ b/engine/lib/actions.php @@ -24,13 +24,17 @@ function action($action, $forwarder = "") { // set GET params elgg_set_input_from_uri(); - // @todo REMOVE THESE EXCEPTIONS IN 1.8. - // These are only to provide a way to disable plugins that overwrite core - // UI without tokens. (And for installation because of session_id problems) + // @todo REMOVE THESE ONCE #1509 IS IN PLACE. + // Allow users to disable plugins without a token in order to + // remove plugins that are imcompatible. + // Installation cannot use tokens because it requires site secret to be + // working. (#1462) + // Login and logout are for convenience. $exceptions = array( 'systemsettings/install', 'admin/plugins/disable', - 'logout' + 'logout', + 'login' ); if (!in_array($action, $exceptions)) { |