function sessionToken()
{
- $this->out->hidden('token-' . $this->id() ?: common_random_hexstr(3), common_session_token(), 'token');
+ if (strtolower($this->method()) == 'post') {
+ $this->out->hidden('token-' . $this->id() ?: common_random_hexstr(3), common_session_token(), 'token');
+ }
}
/**