aboutsummaryrefslogtreecommitdiff
path: root/views/default/tidypics/forms/ajax_upload.php
diff options
context:
space:
mode:
authorCash Costello <cash.costello@gmail.com>2010-10-30 16:58:33 +0000
committerCash Costello <cash.costello@gmail.com>2010-10-30 16:58:33 +0000
commit6cc8f7714561a681428c2d402b15666e8e0af0fd (patch)
treeffeabc85a43856b655f4fad69d9869e2430a3cf9 /views/default/tidypics/forms/ajax_upload.php
parent4f57a2a6e8c9f1130b4772125aa6d434e6c2a5c3 (diff)
downloadelgg-6cc8f7714561a681428c2d402b15666e8e0af0fd.tar.gz
elgg-6cc8f7714561a681428c2d402b15666e8e0af0fd.tar.bz2
working around use_only_cookies
Diffstat (limited to 'views/default/tidypics/forms/ajax_upload.php')
-rw-r--r--views/default/tidypics/forms/ajax_upload.php16
1 files changed, 8 insertions, 8 deletions
diff --git a/views/default/tidypics/forms/ajax_upload.php b/views/default/tidypics/forms/ajax_upload.php
index 1d2a240ad..87a6ad0ed 100644
--- a/views/default/tidypics/forms/ajax_upload.php
+++ b/views/default/tidypics/forms/ajax_upload.php
@@ -3,15 +3,13 @@
extend_view('metatags', 'tidypics/js/uploader');
$album = $vars['album'];
-$access_id = $album->access_id;
$ts = time();
$token = generate_action_token($ts);
-
$batch = time();
+$tidypics_token = md5(session_id() . get_site_secret() . $ts . get_loggedin_user()->salt);
$basic_uploader_url = current_page_url() . '/basic';
-
$upload_endpoint_url = "{$vars['url']}action/tidypics/ajax_upload/";
$upload_complete_url = "{$vars['url']}action/tidypics/ajax_upload_complete/";
@@ -73,11 +71,13 @@ $("#uploadify").uploadify({
'uploader' : '<?php echo $vars['url']; ?>mod/tidypics/vendors/uploadify/uploadify.swf',
'script' : '<?php echo $upload_endpoint_url; ?>',
'scriptData' : {
- 'album_guid' : '<?php echo $album->guid; ?>',
- '__elgg_token' : '<?php echo $token; ?>',
- '__elgg_ts' : '<?php echo $ts; ?>',
- 'Elgg' : '<?php echo session_id(); ?>',
- 'batch' : '<?php echo $batch; ?>'
+ 'album_guid' : '<?php echo $album->guid; ?>',
+ 'user_guid' : '<?php echo get_loggedin_userid(); ?>',
+ '__elgg_token' : '<?php echo $token; ?>',
+ '__elgg_ts' : '<?php echo $ts; ?>',
+ 'Elgg' : '<?php echo session_id(); ?>',
+ 'tidypics_token' : '<?php echo $tidypics_token; ?>',
+ 'batch' : '<?php echo $batch; ?>'
},
'fileDataName' : 'Image',
'cancelImg' : '<?php echo $vars['url']; ?>_graphics/icon_customise_remove.gif',