From 8a74a87356b54f907c341b8d6b3bcbe6b1e2ba18 Mon Sep 17 00:00:00 2001 From: Cash Costello Date: Tue, 1 Sep 2009 01:46:53 +0000 Subject: added security token to download button --- views/default/tidypics/image_menu.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'views') diff --git a/views/default/tidypics/image_menu.php b/views/default/tidypics/image_menu.php index afbb34f21..b804c8491 100644 --- a/views/default/tidypics/image_menu.php +++ b/views/default/tidypics/image_menu.php @@ -42,9 +42,13 @@ } } - if (get_plugin_setting('download_link', 'tidypics') != "disabled") { + if (get_plugin_setting('download_link', 'tidypics') != "disabled") { + $ts = time(); + $token = generate_action_token($ts); + + $download_url = $vars['url'] . "action/tidypics/download?file_guid=" . $image_guid . "&__elgg_token=$token&__elgg_ts=$ts"; ?> -
  • +
  • \ No newline at end of file -- cgit v1.2.3