diff options
| author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-04-24 14:53:28 +0000 |
|---|---|---|
| committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-04-24 14:53:28 +0000 |
| commit | 228dedb767db77cd220bc5863c125aec1aa93f06 (patch) | |
| tree | b4e3eff2de1f7f1e43331ab79648a118fe70e943 /views/default/input/securitytoken.php | |
| parent | a489cdae5b58ac27858e03921441a4f6e150a6d6 (diff) | |
| download | elgg-228dedb767db77cd220bc5863c125aec1aa93f06.tar.gz elgg-228dedb767db77cd220bc5863c125aec1aa93f06.tar.bz2 | |
Introducing input/securitytoken as an intermediate step for form conversion.
git-svn-id: https://code.elgg.org/elgg/trunk@3235 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'views/default/input/securitytoken.php')
| -rw-r--r-- | views/default/input/securitytoken.php | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/views/default/input/securitytoken.php b/views/default/input/securitytoken.php new file mode 100644 index 000000000..b1461a2ce --- /dev/null +++ b/views/default/input/securitytoken.php @@ -0,0 +1,20 @@ +<?php + /** + * CSRF security token view for use with secure forms. + * + * It is still recommended that you use input/form. + * + * @package Elgg + * @subpackage Core + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider Ltd + * @copyright Curverider Ltd 2008-2009 + * @link http://elgg.org/ + */ + + $ts = time(); + $token = generate_action_token($ts); + + echo elgg_view('input/hidden', array('internalname' => '__elgg_token', 'value' => $token)); + echo elgg_view('input/hidden', array('internalname' => '__elgg_ts', 'value' => $ts)); +?> |