Remove CSRF protection from username/password login and from OpenID login.

[quix0rs-gnu-social.git] / actions / apitimelinefavorites.php

diff --git a/actions/apitimelinefavorites.php b/actions/apitimelinefavorites.php
index 79632447ef0782b1e9887a703e505efd0d60f054..7228960c0b48bfef8262366987ad7a3954a75407 100644 (file)
--- a/actions/apitimelinefavorites.php
+++ b/actions/apitimelinefavorites.php
@@ -25,6 +25,7 @@
  * @author    Evan Prodromou <evan@status.net>
  * @author    Zach Copley <zach@status.net>
  * @copyright 2009-2010 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  * @link      http://status.net/
  */
@@ -150,7 +151,7 @@ class ApiTimelineFavoritesAction extends ApiBareAuthAction
 
             header('Content-Type: application/atom+xml; charset=utf-8');
 
-            $atom = new AtomNoticeFeed();
+            $atom = new AtomNoticeFeed($this->auth_user);
 
             $atom->setId($id);
             $atom->setTitle($title);