\r
// slideshow plugin hook\r
register_plugin_hook('tp_slideshow', 'album', 'tidypics_slideshow');\r
+ \r
+ // no checking security token for download\r
+ register_plugin_hook('action', 'tidypics/download', 'tidypics_download_override');\r
}\r
\r
/**\r
}\r
\r
\r
+ /**\r
+ * Called before validating the security token on a download link\r
+ * We don't need security as this is not a true action (it doesn't change any data)\r
+ * \r
+ * @return false (shouldn't return though since the action exits\r
+ */\r
+ function tidypics_download_override($hook, $action)\r
+ {\r
+ global $CONFIG;\r
+ \r
+ include $CONFIG->actions[$action]['file'];\r
+ \r
+ return false;\r
+ }\r
+ \r
\r
// Make sure tidypics_init is called on initialisation\r
register_elgg_event_handler('init','system','tidypics_init');\r
// this code controls whether the photo is a hyperlink or not and what it links to
$image_link = false;
if (get_plugin_setting('download_link', 'tidypics') != "disabled") {
- // admin allows downloads so default to download link
- $ts = time();
- $token = generate_action_token($ts);
- $image_link = $vars['url'] . "action/tidypics/download?file_guid=" . $image_guid . "&view=inline&__elgg_token={$token}&__elgg_ts={$ts}";
+ // admin allows downloads so default to inline download link
+ $image_link = $vars['url'] . "action/tidypics/download?file_guid=" . $image_guid . "&view=inline";
}
// does any plugin want to override the link
$image_link = trigger_plugin_hook('tp_image_link', 'image', $image, $image_link);
}\r
\r
if (get_plugin_setting('download_link', 'tidypics') != "disabled") {\r
- $ts = time();\r
- $token = generate_action_token($ts);\r
- \r
- $download_url = $vars['url'] . "action/tidypics/download?file_guid=" . $image_guid . "&__elgg_token={$token}&__elgg_ts={$ts}"; \r
+ $download_url = $vars['url'] . "action/tidypics/download?file_guid=" . $image_guid; \r
?>\r
<li id="download_image"><a href="<?php echo $download_url; ?>"><?php echo elgg_echo("image:download"); ?></a></li>\r
<?php\r
}\r
\r
?>\r
+<div class="clearfloat"></div>\r
</div>\r
<div id="tidypics_delete_tag_menu" class="tidypics_popup">\r
<div class='tidypics_popup_header'><h3><?php echo elgg_echo('tidypics:deltag_title'); ?></h3></div>\r