From b2024d2dd3dd69fd48dda7d370b6c4a9c9cdc86b Mon Sep 17 00:00:00 2001
From: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Mon, 11 Aug 2008 16:21:52 +0000
Subject: Added ability to disable security enhancements on form (for certain
 cases)

git-svn-id: https://code.elgg.org/elgg/trunk@1842 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 views/default/input/form.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'views/default/input/form.php')

diff --git a/views/default/input/form.php b/views/default/input/form.php
index 31415a287..7564468a4 100644
--- a/views/default/input/form.php
+++ b/views/default/input/form.php
@@ -26,10 +26,14 @@
 	$method = $vars['method']; if (!$method) $method = 'POST';
 
 	// Generate a security header
-	$ts = time();
-	$token = generate_action_token($ts);
-	$security_header = elgg_view('input/hidden', array('internalname' => '__elgg_token', 'value' => $token));
-	$security_header .= elgg_view('input/hidden', array('internalname' => '__elgg_ts', 'value' => $ts));
+	$security_header = "";
+	if ($vars['disable_security']==true)
+	{
+		$ts = time();
+		$token = generate_action_token($ts);
+		$security_header = elgg_view('input/hidden', array('internalname' => '__elgg_token', 'value' => $token));
+		$security_header .= elgg_view('input/hidden', array('internalname' => '__elgg_ts', 'value' => $ts));
+	}
 ?>
 <form <?php if ($id) { ?>id="<?php echo $id; ?>" <?php } ?> <?php if ($name) { ?>name="<?php echo $name; ?>" <?php } ?> action="<?php echo $action; ?>" method="<?php echo $method; ?>" <?php if ($enctype!="") echo "enctype=\"$enctype\""; ?>>
 <?php echo $security_header; ?>
-- 
cgit v1.2.3