diff options
Diffstat (limited to 'mod/apiadmin/views')
-rw-r--r-- | mod/apiadmin/views/default/object/api_key.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/mod/apiadmin/views/default/object/api_key.php b/mod/apiadmin/views/default/object/api_key.php index fdfe9af54..26d452be5 100644 --- a/mod/apiadmin/views/default/object/api_key.php +++ b/mod/apiadmin/views/default/object/api_key.php @@ -14,9 +14,12 @@ $public_label = elgg_echo('apiadmin:public'); $private_label = elgg_echo('apiadmin:private'); $revoke_label = elgg_echo('apiadmin:revoke'); + + $ts = time(); + $token = generate_action_token($ts); - $info = "<div><p><b>{$entity->title}</b> <a href=\"{$CONFIG->url}actions/apiadmin/revokekey?keyid={$entity->guid}\">$revoke_label</a></p></div>"; + $info = "<div><p><b>{$entity->title}</b> <a href=\"{$CONFIG->url}actions/apiadmin/revokekey?keyid={$entity->guid}&__elgg_token=$token&__elgg_ts=$ts\">$revoke_label</a></p></div>"; $info .= "<div><p><b>$public_label:</b> {$entity->public}<br />"; if (isadminloggedin()) { // Only show secret portion to admins |