diff options
author | Cash Costello <cash.costello@gmail.com> | 2010-10-30 16:58:33 +0000 |
---|---|---|
committer | Cash Costello <cash.costello@gmail.com> | 2010-10-30 16:58:33 +0000 |
commit | 6cc8f7714561a681428c2d402b15666e8e0af0fd (patch) | |
tree | ffeabc85a43856b655f4fad69d9869e2430a3cf9 /views/default/tidypics/forms/ajax_upload.php | |
parent | 4f57a2a6e8c9f1130b4772125aa6d434e6c2a5c3 (diff) | |
download | elgg-6cc8f7714561a681428c2d402b15666e8e0af0fd.tar.gz elgg-6cc8f7714561a681428c2d402b15666e8e0af0fd.tar.bz2 |
working around use_only_cookies
Diffstat (limited to 'views/default/tidypics/forms/ajax_upload.php')
-rw-r--r-- | views/default/tidypics/forms/ajax_upload.php | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/views/default/tidypics/forms/ajax_upload.php b/views/default/tidypics/forms/ajax_upload.php index 1d2a240ad..87a6ad0ed 100644 --- a/views/default/tidypics/forms/ajax_upload.php +++ b/views/default/tidypics/forms/ajax_upload.php @@ -3,15 +3,13 @@ extend_view('metatags', 'tidypics/js/uploader'); $album = $vars['album']; -$access_id = $album->access_id; $ts = time(); $token = generate_action_token($ts); - $batch = time(); +$tidypics_token = md5(session_id() . get_site_secret() . $ts . get_loggedin_user()->salt); $basic_uploader_url = current_page_url() . '/basic'; - $upload_endpoint_url = "{$vars['url']}action/tidypics/ajax_upload/"; $upload_complete_url = "{$vars['url']}action/tidypics/ajax_upload_complete/"; @@ -73,11 +71,13 @@ $("#uploadify").uploadify({ 'uploader' : '<?php echo $vars['url']; ?>mod/tidypics/vendors/uploadify/uploadify.swf', 'script' : '<?php echo $upload_endpoint_url; ?>', 'scriptData' : { - 'album_guid' : '<?php echo $album->guid; ?>', - '__elgg_token' : '<?php echo $token; ?>', - '__elgg_ts' : '<?php echo $ts; ?>', - 'Elgg' : '<?php echo session_id(); ?>', - 'batch' : '<?php echo $batch; ?>' + 'album_guid' : '<?php echo $album->guid; ?>', + 'user_guid' : '<?php echo get_loggedin_userid(); ?>', + '__elgg_token' : '<?php echo $token; ?>', + '__elgg_ts' : '<?php echo $ts; ?>', + 'Elgg' : '<?php echo session_id(); ?>', + 'tidypics_token' : '<?php echo $tidypics_token; ?>', + 'batch' : '<?php echo $batch; ?>' }, 'fileDataName' : 'Image', 'cancelImg' : '<?php echo $vars['url']; ?>_graphics/icon_customise_remove.gif', |