merge in changes for CSRF, too

darcs-hash:20080830162223-84dde-573e490dc4fde68512ea4ec28599019d2740cfcf.gz

1 files changed, 10 insertions, 1 deletions

diff --git a/actions/register.php b/actions/register.php
index 9a871dd53..2ca86ddf5 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -36,7 +36,7 @@ class RegisterAction extends Action {
 	}
 
 	function try_register() {
-		
+
 		$token = $this->trimmed('token');
 		if (!$token || $token != common_session_token()) {
 			$this->show_form(_('There was a problem with your session token. Try again, please.'));
@@ -153,6 +153,15 @@ class RegisterAction extends Action {
 		common_element_start('form', array('method' => 'post',
 										   'id' => 'login',
 										   'action' => common_local_url('register')));
+
+		common_hidden('token', common_session_token());
+
+		if ($this->trimmed('code')) {
+			$code = ($this->trimmed('code'));
+			$invite = Invitation::staticGet($code);
+			common_hidden('code', $code);
+		}
+
 		common_input('nickname', _('Nickname'), $this->trimmed('nickname'),
 					 _('1-64 lowercase letters or numbers, no punctuation or spaces. Required.'));
 		common_password('password', _('Password'),