aboutsummaryrefslogtreecommitdiff
path: root/views/default
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-08-11 16:21:52 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-08-11 16:21:52 +0000
commitb2024d2dd3dd69fd48dda7d370b6c4a9c9cdc86b (patch)
treeca8e2bc62239d010a374dc0203ce0cca805de1d6 /views/default
parent82932ce389d39457e5584aadfc8abadb8404520a (diff)
downloadelgg-b2024d2dd3dd69fd48dda7d370b6c4a9c9cdc86b.tar.gz
elgg-b2024d2dd3dd69fd48dda7d370b6c4a9c9cdc86b.tar.bz2
Added ability to disable security enhancements on form (for certain cases)
git-svn-id: https://code.elgg.org/elgg/trunk@1842 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'views/default')
-rw-r--r--views/default/input/form.php12
1 files changed, 8 insertions, 4 deletions
diff --git a/views/default/input/form.php b/views/default/input/form.php
index 31415a287..7564468a4 100644
--- a/views/default/input/form.php
+++ b/views/default/input/form.php
@@ -26,10 +26,14 @@
$method = $vars['method']; if (!$method) $method = 'POST';
// Generate a security header
- $ts = time();
- $token = generate_action_token($ts);
- $security_header = elgg_view('input/hidden', array('internalname' => '__elgg_token', 'value' => $token));
- $security_header .= elgg_view('input/hidden', array('internalname' => '__elgg_ts', 'value' => $ts));
+ $security_header = "";
+ if ($vars['disable_security']==true)
+ {
+ $ts = time();
+ $token = generate_action_token($ts);
+ $security_header = elgg_view('input/hidden', array('internalname' => '__elgg_token', 'value' => $token));
+ $security_header .= elgg_view('input/hidden', array('internalname' => '__elgg_ts', 'value' => $ts));
+ }
?>
<form <?php if ($id) { ?>id="<?php echo $id; ?>" <?php } ?> <?php if ($name) { ?>name="<?php echo $name; ?>" <?php } ?> action="<?php echo $action; ?>" method="<?php echo $method; ?>" <?php if ($enctype!="") echo "enctype=\"$enctype\""; ?>>
<?php echo $security_header; ?>