X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Fform.php;h=ee97f7a32f571b52e0cf0e4ab79766a5763298bb;hb=c77bce12e53418c2457f17ce1e34238f7baa448d;hp=f6501dc6daf699b0b190f748c459d34a064638f9;hpb=4b98edf75f4e255f8c61087bd1525d89653a521f;p=quix0rs-gnu-social.git

diff --git a/lib/form.php b/lib/form.php
index f6501dc6da..ee97f7a32f 100644
--- a/lib/form.php
+++ b/lib/form.php
@@ -91,7 +91,9 @@ class Form extends Widget
 
     function sessionToken()
     {
-        $this->out->hidden('token', common_session_token());
+        if (strtolower($this->method()) == 'post') {
+            $this->out->hidden('token-' . $this->id() ?: common_random_hexstr(3), common_session_token(), 'token');
+        }
     }
 
     /**
@@ -172,7 +174,13 @@ class Form extends Widget
     }
 
     /**
-     * Class of the form.
+     * Class of the form. May include space-separated list of multiple classes.
+     *
+     * If 'ajax' is included, the form will automatically be submitted with
+     * an 'ajax=1' parameter added, and the resulting form or error message
+     * will replace the form after submission.
+     *
+     * It's up to you to make sure that the target action supports this!
      *
      * @return string the form's class
      */