diff options
| author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-04-10 12:03:00 +0000 |
|---|---|---|
| committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-04-10 12:03:00 +0000 |
| commit | b80683f2d8467634bc77ce04ee0d0f8b1de02212 (patch) | |
| tree | 4551ea8169926d2d27238bf5aa86c95e5f4deee5 /views/default/output/confirmlink.php | |
| parent | 5f3fadde20f6bbde6b354b37a2832bf5d8db9634 (diff) | |
| download | elgg-b80683f2d8467634bc77ce04ee0d0f8b1de02212.tar.gz elgg-b80683f2d8467634bc77ce04ee0d0f8b1de02212.tar.bz2 | |
Rolled token into url and confirmlink
git-svn-id: https://code.elgg.org/elgg/trunk@3203 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'views/default/output/confirmlink.php')
| -rw-r--r-- | views/default/output/confirmlink.php | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/views/default/output/confirmlink.php b/views/default/output/confirmlink.php index a51e58af9..0843083f0 100644 --- a/views/default/output/confirmlink.php +++ b/views/default/output/confirmlink.php @@ -19,6 +19,18 @@ $confirm = $vars['confirm'];
if (!$confirm)
- $confirm = elgg_echo('question:areyousure');
+ $confirm = elgg_echo('question:areyousure'); + + $link = $vars['href']; + + if ($vars['is_action']) + { + $ts = time(); + $token = generate_action_token($ts); + + $sep = "?"; + if (strpos($link, '?')>0) $sep = "&"; + $link = "$link{$sep}__elgg_token=$token&__elgg_ts=$ts"; + }
?>
-<a href="<?php echo $vars['href']; ?>" onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
\ No newline at end of file +<a href="<?php echo $link; ?>" onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
\ No newline at end of file |