From 921f3a2eeeca9be23cb006a31b6d6f71e186374a Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Fri, 27 Mar 2009 03:43:21 +0000
Subject: Put csrf token into Admin_View and Theme_View by default, then use it
 directly wherever possible instead of access::csrf_token().

---
 core/views/permissions_browse.html.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'core/views/permissions_browse.html.php')

diff --git a/core/views/permissions_browse.html.php b/core/views/permissions_browse.html.php
index 4c960134..36d097cc 100644
--- a/core/views/permissions_browse.html.php
+++ b/core/views/permissions_browse.html.php
@@ -12,7 +12,7 @@
     });
   }
 
-  var action_url = "<?= url::site("permissions/change/__CMD__/__GROUP__/__PERM__/__ITEM__?csrf=" . access::csrf_token()) ?>";
+  var action_url = "<?= url::site("permissions/change/__CMD__/__GROUP__/__PERM__/__ITEM__?csrf=$csrf") ?>";
   set = function(cmd, group_id, perm_id, item_id) {
     $.ajax({
       url: action_url.replace("__CMD__", cmd).replace("__GROUP__", group_id).
-- 
cgit v1.2.3