From 921f3a2eeeca9be23cb006a31b6d6f71e186374a Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Fri, 27 Mar 2009 03:43:21 +0000
Subject: Put csrf token into Admin_View and Theme_View by default, then use it
 directly wherever possible instead of access::csrf_token().

---
 themes/admin_default/views/block.html.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'themes')

diff --git a/themes/admin_default/views/block.html.php b/themes/admin_default/views/block.html.php
index 332e440b..21512d02 100644
--- a/themes/admin_default/views/block.html.php
+++ b/themes/admin_default/views/block.html.php
@@ -2,7 +2,7 @@
 <div block_id="<?= $id ?>" id="<?= $css_id ?>" class="gBlock ui-widget">
   <div class="ui-dialog-titlebar ui-widget-header ui-helper-clearfix ui-icon-right">
     <? if ($css_id != "gBlockAdder"): ?>
-    <a href="<?= url::site("admin/dashboard/remove_block/$id?csrf=" . access::csrf_token()) ?>"
+    <a href="<?= url::site("admin/dashboard/remove_block/$id?csrf=$csrf") ?>"
        class="ui-dialog-titlebar-close ui-corner-all">
       <span class="ui-icon ui-icon-closethick">remove</span>
     </a>
-- 
cgit v1.2.3