diff options
author | csarven <csarven@controlyourself.ca> | 2008-11-14 22:35:49 -0500 |
---|---|---|
committer | csarven <csarven@controlyourself.ca> | 2008-11-14 22:35:49 -0500 |
commit | 322a79739dbee9f5a9bb4e012cd75a3d034a8bad (patch) | |
tree | 67f0eb5589f27d5a7c0af607028e0f55b630e9b1 /actions/favor.php | |
parent | 6a02f5d3c2b2ffc93619a0e7c6e07ecc05be9909 (diff) |
trac670 trac689 Favorites (duplicate id, background image, JavaScript)
darcs-hash:20081115033549-eefa4-cfbca6f9c723aa63869c39d6851de7a7803f0703.gz
Diffstat (limited to 'actions/favor.php')
-rw-r--r-- | actions/favor.php | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/actions/favor.php b/actions/favor.php index dd61899e4..82b70a35b 100644 --- a/actions/favor.php +++ b/actions/favor.php @@ -38,16 +38,17 @@ class FavorAction extends Action { return; } + $id = $this->trimmed('notice'); + + $notice = Notice::staticGet($id); + # CSRF protection - $token = $this->trimmed('token'); + $token = $this->trimmed('token-'.$notice->id); if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); + $this->client_error(_("There was a problem with your session token. Try again, please.")); return; } - $id = $this->trimmed('notice'); - - $notice = Notice::staticGet($id); if ($user->hasFave($notice)) { $this->client_error(_('This notice is already a favorite!')); @@ -67,7 +68,7 @@ class FavorAction extends Action { if ($this->boolean('ajax')) { common_start_html('text/xml'); common_element_start('head'); - common_element('title', _('Disfavor')); + common_element('title', null, _('Disfavor favorite')); common_element_end('head'); common_element_start('body'); common_disfavor_form($notice); |