Replace __CSRF__ token with a real csrf. This allows links in site status messages to persiste across sessions.

author: Bharat Mediratta <bharat@menalto.com> 2008-12-29 21:27:46 +0000
committer: Bharat Mediratta <bharat@menalto.com> 2008-12-29 21:27:46 +0000
commit: 26417f6dd4da2fd774fc7517a4379bcd17f06dae (patch)
tree: 815b276e64d7f3cdf6a56f0b6622308a5c6f2085
parent: ef4ec6d5131e729927b6d6b444c6d615e0b01a60 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/core/helpers/site_status.php b/core/helpers/site_status.php
index ccddd3fb..e35a2a8a 100644
--- a/core/helpers/site_status.php
+++ b/core/helpers/site_status.php
@@ -98,7 +98,8 @@ class site_status_Core {
     $buf = array();
 
     foreach (ORM::factory("message")->find_all() as $msg) {
-      $buf[] = "<li class=\"" . self::severity_class($msg->severity) . "\">$msg->value</li>";
+      $value = str_replace('__CSRF__', access::csrf_token(), $msg->value);
+      $buf[] = "<li class=\"" . self::severity_class($msg->severity) . "\">$value</li>";
     }
 
     if ($buf) {
author	Bharat Mediratta <bharat@menalto.com>	2008-12-29 21:27:46 +0000
committer	Bharat Mediratta <bharat@menalto.com>	2008-12-29 21:27:46 +0000
commit	26417f6dd4da2fd774fc7517a4379bcd17f06dae (patch)
tree	815b276e64d7f3cdf6a56f0b6622308a5c6f2085
parent	ef4ec6d5131e729927b6d6b444c6d615e0b01a60 (diff)