From 1a7154ad17d69107cafd1f80e71e7cd5406f811c Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Mon, 5 Oct 2009 23:37:49 +0000 Subject: using delete action so security token is not skipped --- pages/viewalbum.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'pages/viewalbum.php') diff --git a/pages/viewalbum.php b/pages/viewalbum.php index 3cc854c94..402c2d7e6 100644 --- a/pages/viewalbum.php +++ b/pages/viewalbum.php @@ -52,8 +52,10 @@ add_submenu_item( elgg_echo('album:edit'), $CONFIG->wwwroot . 'pg/photos/edit/' . $album_guid, 'photos'); + $ts = time(); + $token = generate_action_token($ts); add_submenu_item( elgg_echo('album:delete'), - $CONFIG->wwwroot . 'pg/photos/delete/' . $album_guid, + $CONFIG->wwwroot . 'action/tidypics/delete?guid=' . $album_guid . '&__elgg_token=' . $token . '&__elgg_ts=' . $ts, 'photos', true); } -- cgit v1.2.3