aboutsummaryrefslogtreecommitdiff
path: root/mod/profile/views/default
diff options
context:
space:
mode:
Diffstat (limited to 'mod/profile/views/default')
-rw-r--r--mod/profile/views/default/profile/menu/actions.php10
1 files changed, 7 insertions, 3 deletions
diff --git a/mod/profile/views/default/profile/menu/actions.php b/mod/profile/views/default/profile/menu/actions.php
index d348831c1..2c26e2814 100644
--- a/mod/profile/views/default/profile/menu/actions.php
+++ b/mod/profile/views/default/profile/menu/actions.php
@@ -13,11 +13,15 @@
*/
if (isloggedin()) {
- if ($_SESSION['user']->getGUID() != $vars['entity']->getGUID()) {
+ if ($_SESSION['user']->getGUID() != $vars['entity']->getGUID()) {
+
+ $ts = time();
+ $token = generate_action_token($ts);
+
if ($vars['entity']->isFriend()) {
- echo "<p class=\"user_menu_removefriend\"><a href=\"{$vars['url']}action/friends/remove?friend={$vars['entity']->getGUID()}\">" . elgg_echo("friend:remove") . "</a></p>";
+ echo "<p class=\"user_menu_removefriend\"><a href=\"{$vars['url']}action/friends/remove?friend={$vars['entity']->getGUID()}&__elgg_token=$token&__elgg_ts=$ts\">" . elgg_echo("friend:remove") . "</a></p>";
} else {
- echo "<p class=\"user_menu_addfriend\"><a href=\"{$vars['url']}action/friends/add?friend={$vars['entity']->getGUID()}\">" . elgg_echo("friend:add") . "</a></p>";
+ echo "<p class=\"user_menu_addfriend\"><a href=\"{$vars['url']}action/friends/add?friend={$vars['entity']->getGUID()}&__elgg_token=$token&__elgg_ts=$ts\">" . elgg_echo("friend:add") . "</a></p>";
}
}
}