From 0c2c36ff3b0329ff849930d0403f933653a84dcd Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Fri, 14 May 2010 20:50:34 +0000
Subject: Merged 5928-6908 from 1.7 branch to trunk.

git-svn-id: http://code.elgg.org/elgg/trunk@6059 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/actions.php | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

(limited to 'engine/lib/actions.php')

diff --git a/engine/lib/actions.php b/engine/lib/actions.php
index 66c2d9505..57da1389f 100644
--- a/engine/lib/actions.php
+++ b/engine/lib/actions.php
@@ -21,9 +21,6 @@
 function action($action, $forwarder = "") {
 	global $CONFIG;
 
-	// set GET params
-	elgg_set_input_from_uri();
-
 	// @todo REMOVE THESE ONCE #1509 IS IN PLACE.
 	// Allow users to disable plugins without a token in order to
 	// remove plugins that are imcompatible.
@@ -72,6 +69,8 @@ function action($action, $forwarder = "") {
 			} else {
 				register_error(elgg_echo('actionloggedout'));
 			}
+		} else {
+			register_error(elgg_echo('actionunauthorized'));
 		}
 	} else {
 		register_error(sprintf(elgg_echo('actionundefined'),$action));
@@ -197,14 +196,11 @@ function generate_action_token($timestamp) {
 	// Current session id
 	$session_id = session_id();
 
-	// Get user agent
-	$ua = $_SERVER['HTTP_USER_AGENT'];
-
 	// Session token
 	$st = $_SESSION['__elgg_session'];
 
 	if (($site_secret) && ($session_id)) {
-		return md5($site_secret.$timestamp.$session_id.$ua.$st);
+		return md5($site_secret.$timestamp.$session_id.$st);
 	}
 
 	return FALSE;
-- 
cgit v1.2.3