aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--mod/reportedcontent/views/default/reportedcontent/listing.php4
-rw-r--r--mod/sitepages/start.php1
-rw-r--r--views/default/output/confirmlink.php4
-rw-r--r--views/default/output/url.php2
4 files changed, 6 insertions, 5 deletions
diff --git a/mod/reportedcontent/views/default/reportedcontent/listing.php b/mod/reportedcontent/views/default/reportedcontent/listing.php
index 54ebd6a27..99069cb8c 100644
--- a/mod/reportedcontent/views/default/reportedcontent/listing.php
+++ b/mod/reportedcontent/views/default/reportedcontent/listing.php
@@ -30,8 +30,8 @@ if($vars['entity']){
echo "<div class='admin_settings reported_content {$reportedcontent_background}'>";
echo "<div class='clearfloat controls'>";
if($report->state != 'archived')
- echo "<a class='action_button' href=\"" . elgg_validate_action_url($vars['url'] . "action/reportedcontent/archive?item={$report->guid}") . "\">" . elgg_echo('reportedcontent:archive') . "</a>";
- echo "<a class='action_button disabled' href=\"" . elgg_validate_action_url($vars['url'] . "action/reportedcontent/delete?item={$report->guid}") . "\" onclick=\"return confirm('" . elgg_echo('reportedcontent:areyousure') . "')\">" . elgg_echo('reportedcontent:delete') . "</a></div>";
+ echo "<a class='action_button' href=\"" . elgg_add_action_tokens_to_url($vars['url'] . "action/reportedcontent/archive?item={$report->guid}") . "\">" . elgg_echo('reportedcontent:archive') . "</a>";
+ echo "<a class='action_button disabled' href=\"" . elgg_add_action_tokens_to_url($vars['url'] . "action/reportedcontent/delete?item={$report->guid}") . "\" onclick=\"return confirm('" . elgg_echo('reportedcontent:areyousure') . "')\">" . elgg_echo('reportedcontent:delete') . "</a></div>";
echo "<p><b>" . elgg_echo('reportedcontent:by') . ": </b><a href=\"{$user_url}\">" . $user . "</a>, " . friendly_time($report->time_created) . "</p>";
echo "<p><b>" . elgg_echo('reportedcontent:objecttitle') . ": </b>" . $report->title;
echo "<br /><a onclick=\"elgg_slide_toggle(this,'.reported_content','.container{$id}');\" class='details_link'>" . elgg_echo('reportedcontent:moreinfo') . "</a></p>";
diff --git a/mod/sitepages/start.php b/mod/sitepages/start.php
index 5be36842a..c7baa1314 100644
--- a/mod/sitepages/start.php
+++ b/mod/sitepages/start.php
@@ -13,6 +13,7 @@
*
* @todo
* Check for SQL injection problems.
+ * Force [[login_box]] in the logged out view.
* Make sure this stuff doesn't show up in search.
* Check entity keyword views against fullview. Force to FALSE?
* DRY up actions and views
diff --git a/views/default/output/confirmlink.php b/views/default/output/confirmlink.php
index 9377426ad..c4c0e0bfa 100644
--- a/views/default/output/confirmlink.php
+++ b/views/default/output/confirmlink.php
@@ -20,7 +20,7 @@ if (!$confirm) {
}
// always generate missing action tokens
-$link = elgg_validate_action_url($vars['href']);
+$link = elgg_add_action_tokens_to_url($vars['href']);
if (isset($vars['class']) && $vars['class']) {
$class = 'class="' . $vars['class'] . '"';
@@ -28,4 +28,4 @@ if (isset($vars['class']) && $vars['class']) {
$class = '';
}
?>
-<a href="<?php echo $link; ?>" <?php echo $class; ?> onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a> \ No newline at end of file
+<a href="<?php echo $link; ?>" <?php echo $class; ?> onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
diff --git a/views/default/output/url.php b/views/default/output/url.php
index b77ffbf00..734df2c19 100644
--- a/views/default/output/url.php
+++ b/views/default/output/url.php
@@ -21,7 +21,7 @@ $url = trim($vars['href']);
if (!empty($url)) {
if (array_key_exists('is_action', $vars) && $vars['is_action']) {
- $url = elgg_validate_action_url($url);
+ $url = elgg_add_action_tokens_to_url($url);
}
if (array_key_exists('target', $vars) && $vars['target']) {