From 06c3b6e3c41c629e510c55199bd19914273b0e64 Mon Sep 17 00:00:00 2001
From: cash <cash.costello@gmail.com>
Date: Sat, 23 Feb 2013 14:16:29 -0500
Subject: Fixes #4997 stop requesting a token after a failed request

---
 engine/lib/actions.php | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'engine/lib/actions.php')

diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index 53b185dea..ac6325813 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -252,10 +252,20 @@ function validate_action_token($visibleerrors = TRUE, $token = NULL, $ts = NULL)
 					register_error(elgg_echo('actiongatekeeper:pluginprevents'));
 				}
 			} else if ($visibleerrors) {
-				register_error(elgg_echo('actiongatekeeper:timeerror'));
+				// this is necessary because of #5133
+				if (elgg_is_xhr()) {
+					register_error(elgg_echo('js:security:token_refresh_failed', array(elgg_get_site_url())));
+				} else {
+					register_error(elgg_echo('actiongatekeeper:timeerror'));
+				}
 			}
 		} else if ($visibleerrors) {
-			register_error(elgg_echo('actiongatekeeper:tokeninvalid'));
+			// this is necessary because of #5133
+			if (elgg_is_xhr()) {
+				register_error(elgg_echo('js:security:token_refresh_failed', array(elgg_get_site_url())));
+			} else {
+				register_error(elgg_echo('actiongatekeeper:tokeninvalid'));
+			}
 		}
 	} else {
 		if (! empty($_SERVER['CONTENT_LENGTH']) && empty($_POST)) {
-- 
cgit v1.2.3