Put csrf token into Admin_View and Theme_View by default, then use it

directly wherever possible instead of access::csrf_token().

3 files changed, 2 insertions, 1 deletions

diff --git a/core/controllers/admin_maintenance.php b/core/controllers/admin_maintenance.php
index df912e29..52378fbc 100644
--- a/core/controllers/admin_maintenance.php
+++ b/core/controllers/admin_maintenance.php
@@ -44,7 +44,6 @@ class Admin_Maintenance_Controller extends Admin_Controller {
       ->where("done", 0)->orderby("updated", "DESC")->find_all();
     $view->content->finished_tasks = ORM::factory("task")
       ->where("done", 1)->orderby("updated", "DESC")->find_all();
-    $view->content->csrf = access::csrf_token();
     print $view;
   }
 
diff --git a/core/controllers/admin_themes.php b/core/controllers/admin_themes.php
index e6751bed..6ace4036 100644
--- a/core/controllers/admin_themes.php
+++ b/core/controllers/admin_themes.php
@@ -53,6 +53,7 @@ class Admin_Themes_Controller extends Admin_Controller {
     } else {
       $view->url = url::site("albums/1?theme=$theme_name");
     }
+    $view->csrf = access::csrf_token();
     print $view;
   }
 
diff --git a/core/controllers/quick.php b/core/controllers/quick.php
index 1b6e2bf8..166591fd 100644
--- a/core/controllers/quick.php
+++ b/core/controllers/quick.php
@@ -26,6 +26,7 @@ class Quick_Controller extends Controller {
 
     $view = new View("quick_pane.html");
     $view->item = $item;
+    $view->csrf = access::csrf_token();
     print $view;
   }