diff options
Diffstat (limited to 'views/default')
-rw-r--r-- | views/default/output/actionurl.php | 33 | ||||
-rw-r--r-- | views/default/output/confirmlink.php | 16 | ||||
-rw-r--r-- | views/default/output/url.php | 13 |
3 files changed, 26 insertions, 36 deletions
diff --git a/views/default/output/actionurl.php b/views/default/output/actionurl.php deleted file mode 100644 index 172d38af1..000000000 --- a/views/default/output/actionurl.php +++ /dev/null @@ -1,33 +0,0 @@ -<?php
-
- /**
- * Elgg Action URL display
- * This is identical to the output/url view except that it also adds action gatekeeper tokens, making - * it suitable for calling actions.
- *
- * @package Elgg
- * @subpackage Core
- * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
- * @author Curverider Ltd
- * @copyright Curverider Ltd 2008-2009
- * @link http://elgg.org/
- *
- * @uses $vars['value'] The URL to display
- *
- */
-
- $val = trim($vars['value']);
- if (!empty($val)) {
- - // Generate token - $ts = time(); - $token = generate_action_token($ts); - - $sep = "?"; - if (strpos($val, '?')>0) $sep = "&"; - $val = "$val{$sep}__elgg_token=$token&__elgg_ts=$ts"; - - echo elgg_view('output/url', array('value' => $val));
- }
-
-?>
\ No newline at end of file diff --git a/views/default/output/confirmlink.php b/views/default/output/confirmlink.php index a51e58af9..0843083f0 100644 --- a/views/default/output/confirmlink.php +++ b/views/default/output/confirmlink.php @@ -19,6 +19,18 @@ $confirm = $vars['confirm'];
if (!$confirm)
- $confirm = elgg_echo('question:areyousure');
+ $confirm = elgg_echo('question:areyousure'); + + $link = $vars['href']; + + if ($vars['is_action']) + { + $ts = time(); + $token = generate_action_token($ts); + + $sep = "?"; + if (strpos($link, '?')>0) $sep = "&"; + $link = "$link{$sep}__elgg_token=$token&__elgg_ts=$ts"; + }
?>
-<a href="<?php echo $vars['href']; ?>" onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
\ No newline at end of file +<a href="<?php echo $link; ?>" onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
\ No newline at end of file diff --git a/views/default/output/url.php b/views/default/output/url.php index 07b5622bf..454b7fc70 100644 --- a/views/default/output/url.php +++ b/views/default/output/url.php @@ -19,7 +19,18 @@ if (!empty($val)) {
if ((substr_count($val, "http://") == 0) && (substr_count($val, "https://") == 0)) {
$val = "http://" . $val;
- }
+ } + + if ($vars['is_action']) + { + $ts = time(); + $token = generate_action_token($ts); + + $sep = "?"; + if (strpos($val, '?')>0) $sep = "&"; + $val = "$val{$sep}__elgg_token=$token&__elgg_ts=$ts"; + } +
echo "<a href=\"{$val}\" target=\"_blank\">". htmlentities($val, ENT_QUOTES, 'UTF-8'). "</a>";
}
|