From 921f3a2eeeca9be23cb006a31b6d6f71e186374a Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Fri, 27 Mar 2009 03:43:21 +0000
Subject: Put csrf token into Admin_View and Theme_View by default, then use it
 directly wherever possible instead of access::csrf_token().

---
 core/controllers/admin_maintenance.php | 1 -
 core/controllers/admin_themes.php      | 1 +
 core/controllers/quick.php             | 1 +
 3 files changed, 2 insertions(+), 1 deletion(-)

(limited to 'core/controllers')

diff --git a/core/controllers/admin_maintenance.php b/core/controllers/admin_maintenance.php
index df912e29..52378fbc 100644
--- a/core/controllers/admin_maintenance.php
+++ b/core/controllers/admin_maintenance.php
@@ -44,7 +44,6 @@ class Admin_Maintenance_Controller extends Admin_Controller {
       ->where("done", 0)->orderby("updated", "DESC")->find_all();
     $view->content->finished_tasks = ORM::factory("task")
       ->where("done", 1)->orderby("updated", "DESC")->find_all();
-    $view->content->csrf = access::csrf_token();
     print $view;
   }
 
diff --git a/core/controllers/admin_themes.php b/core/controllers/admin_themes.php
index e6751bed..6ace4036 100644
--- a/core/controllers/admin_themes.php
+++ b/core/controllers/admin_themes.php
@@ -53,6 +53,7 @@ class Admin_Themes_Controller extends Admin_Controller {
     } else {
       $view->url = url::site("albums/1?theme=$theme_name");
     }
+    $view->csrf = access::csrf_token();
     print $view;
   }
 
diff --git a/core/controllers/quick.php b/core/controllers/quick.php
index 1b6e2bf8..166591fd 100644
--- a/core/controllers/quick.php
+++ b/core/controllers/quick.php
@@ -26,6 +26,7 @@ class Quick_Controller extends Controller {
 
     $view = new View("quick_pane.html");
     $view->item = $item;
+    $view->csrf = access::csrf_token();
     print $view;
   }
 
-- 
cgit v1.2.3