From 0d73738099f7c12f2185018a29b647763c9d36ce Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Fri, 29 Jan 2010 10:13:10 -0800
Subject: Stop using obsolete form::close() Update the way we include the
 hidden CSRF field for InPlaceEdit.

---
 modules/gallery/libraries/InPlaceEdit.php    | 1 -
 modules/gallery/views/in_place_edit.html.php | 5 +++--
 2 files changed, 3 insertions(+), 3 deletions(-)

(limited to 'modules/gallery')

diff --git a/modules/gallery/libraries/InPlaceEdit.php b/modules/gallery/libraries/InPlaceEdit.php
index 67ab3805..04a2e9a5 100644
--- a/modules/gallery/libraries/InPlaceEdit.php
+++ b/modules/gallery/libraries/InPlaceEdit.php
@@ -70,7 +70,6 @@ class InPlaceEdit_Core {
 
   public function render() {
     $v = new View("in_place_edit.html");
-    $v->hidden = array("csrf" => access::csrf_token());
     $v->action = url::site($this->action);
     $v->form = $this->form;
     $v->errors = $this->errors;
diff --git a/modules/gallery/views/in_place_edit.html.php b/modules/gallery/views/in_place_edit.html.php
index 45cf1d8c..b556829c 100644
--- a/modules/gallery/views/in_place_edit.html.php
+++ b/modules/gallery/views/in_place_edit.html.php
@@ -1,5 +1,6 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
-<?= form::open($action, array("method" => "post", "id" => "g-in-place-edit-form", "class" => "g-short-form"), $hidden) ?>
+<?= form::open($action, array("method" => "post", "id" => "g-in-place-edit-form", "class" => "g-short-form")) ?>
+  <?= access::csrf_form_field() ?>
   <ul>
     <li<? if (!empty($errors["input"])): ?> class="g-error"<? endif ?>>
       <?= form::input("input", $form["input"], " class=\"textbox\"") ?>
@@ -9,7 +10,7 @@
     </li>
     <li><a href="#" class="g-cancel"><?= t("Cancel") ?></a></li>
   </ul>
-<?= form::close() ?>
+</form>
 <? if (!empty($errors["input"])): ?>
 <div id="g-in-place-edit-message" class="g-error"><?= $errors["input"] ?></div>
 <? endif ?>
-- 
cgit v1.2.3