From b80683f2d8467634bc77ce04ee0d0f8b1de02212 Mon Sep 17 00:00:00 2001
From: marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Fri, 10 Apr 2009 12:03:00 +0000
Subject: Rolled token into url and confirmlink

git-svn-id: https://code.elgg.org/elgg/trunk@3203 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 views/default/output/actionurl.php   | 33 ---------------------------------
 views/default/output/confirmlink.php | 16 ++++++++++++++--
 views/default/output/url.php         | 13 ++++++++++++-
 3 files changed, 26 insertions(+), 36 deletions(-)
 delete mode 100644 views/default/output/actionurl.php

(limited to 'views/default')

diff --git a/views/default/output/actionurl.php b/views/default/output/actionurl.php
deleted file mode 100644
index 172d38af1..000000000
--- a/views/default/output/actionurl.php
+++ /dev/null
@@ -1,33 +0,0 @@
-<?php
-
-	/**
-	 * Elgg Action URL display
-	 * This is identical to the output/url view except that it also adds action gatekeeper tokens, making
-	 * it suitable for calling actions.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 * 
-	 * @uses $vars['value'] The URL to display
-	 * 
-	 */
-
-    $val = trim($vars['value']);
-    if (!empty($val)) {
-
-    	// Generate token 
-    	$ts = time();
-		$token = generate_action_token($ts);
-    	
-    	$sep = "?";
-		if (strpos($val, '?')>0) $sep = "&";
-		$val = "$val{$sep}__elgg_token=$token&__elgg_ts=$ts";
-		
-		echo elgg_view('output/url', array('value' => $val));
-    }
-
-?>
\ No newline at end of file
diff --git a/views/default/output/confirmlink.php b/views/default/output/confirmlink.php
index a51e58af9..0843083f0 100644
--- a/views/default/output/confirmlink.php
+++ b/views/default/output/confirmlink.php
@@ -19,6 +19,18 @@
 
 	$confirm = $vars['confirm'];
 	if (!$confirm)
-		$confirm = elgg_echo('question:areyousure');
+		$confirm = elgg_echo('question:areyousure');
+		
+	$link = $vars['href'];
+	
+	if ($vars['is_action'])
+	{
+		$ts = time();
+		$token = generate_action_token($ts);
+    	
+    	$sep = "?";
+		if (strpos($link, '?')>0) $sep = "&";
+		$link = "$link{$sep}__elgg_token=$token&__elgg_ts=$ts";
+	}
 ?>
-<a href="<?php echo $vars['href']; ?>" onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
\ No newline at end of file
+<a href="<?php echo $link; ?>" onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
\ No newline at end of file
diff --git a/views/default/output/url.php b/views/default/output/url.php
index 07b5622bf..454b7fc70 100644
--- a/views/default/output/url.php
+++ b/views/default/output/url.php
@@ -19,7 +19,18 @@
     if (!empty($val)) {
 	    if ((substr_count($val, "http://") == 0) && (substr_count($val, "https://") == 0)) {
 	        $val = "http://" . $val;
-	    }
+	    }
+	    
+	    if ($vars['is_action'])
+		{
+			$ts = time();
+			$token = generate_action_token($ts);
+	    	
+	    	$sep = "?";
+			if (strpos($val, '?')>0) $sep = "&";
+			$val = "$val{$sep}__elgg_token=$token&__elgg_ts=$ts";
+		}
+	    
 	    echo "<a href=\"{$val}\" target=\"_blank\">". htmlentities($val, ENT_QUOTES, 'UTF-8'). "</a>";
     }
 
-- 
cgit v1.2.3