3 files changed, 7 insertions, 2 deletions

diff --git a/actions/login.php b/actions/login.php
index 95c90ce7e..774b6dfaa 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -10,7 +10,10 @@
 	 * @copyright Curverider Ltd 2008

 	 * @link http://elgg.org/

 	 */

-	 

+	 
+	// Safety first
+		action_gatekeeper();
+

     // Get username and password

     

         $username = get_input('username');

diff --git a/actions/user/requestnewpassword.php b/actions/user/requestnewpassword.php
index 1771a86ac..3ed2d604e 100644
--- a/actions/user/requestnewpassword.php
+++ b/actions/user/requestnewpassword.php
@@ -13,6 +13,8 @@
 	require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
 	global $CONFIG;
 	
+	action_gatekeeper();
+	
 	$username = get_input('username');
 	
 	$user = get_user_by_username($username);
diff --git a/languages/en.php b/languages/en.php
index da2d542cf..ba01080a0 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -716,7 +716,7 @@ You cannot reply to this email.",
 		/**
 		 * Action gatekeeper
 		 */
-			'actiongatekeeper:missingfields' => 'Form is missing __action, __token or __ts fields',
+			'actiongatekeeper:missingfields' => 'Form is missing __token or __ts fields',
 			'actiongatekeeper:tokeninvalid' => 'Token provided by form does not match that generated by server.',
 			'actiongatekeeper:timeerror' => 'Form has expired, please refresh and try again.',