diff options
Diffstat (limited to 'views/default/object')
| -rw-r--r-- | views/default/object/image.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/views/default/object/image.php b/views/default/object/image.php index 2d560f8bb..a97916b7a 100644 --- a/views/default/object/image.php +++ b/views/default/object/image.php @@ -147,7 +147,10 @@ <div id="tidypics_image_wrapper"> <?php if (get_plugin_setting('download_link', 'tidypics') != "disabled") { - echo "<a href=\"{$vars['url']}action/tidypics/download?file_guid={$image_guid}&view=inline\" title=\"{$title}\"><img id=\"tidypics_image\" src=\"{$vars['url']}mod/tidypics/thumbnail.php?file_guid={$image_guid}&size=large\" alt=\"{$title}\" /></a>"; + $ts = time(); + $token = generate_action_token($ts); + $download_url = $vars['url'] . "action/tidypics/download?file_guid=" . $image_guid . "&view=inline&__elgg_token={$token}&__elgg_ts={$ts}"; + echo "<a href=\"{$download_url}\" title=\"{$title}\"><img id=\"tidypics_image\" src=\"{$vars['url']}mod/tidypics/thumbnail.php?file_guid={$image_guid}&size=large\" alt=\"{$title}\" /></a>"; } else { echo "<img id=\"tidypics_image\" src=\"{$vars['url']}mod/tidypics/thumbnail.php?file_guid={$image_guid}&size=large\" alt=\"{$title}\" />"; } |