savetheclocktower/gist:19796

## gistfile1.txt
From 797e8a43b49fdc26720b1cda80da2735fe724c66 Mon Sep 17 00:00:00 2001
From: Andrew Dupont <prototype@andrewdupont.net>
Date: Sat, 25 Oct 2008 16:16:39 -0500
Subject: [PATCH] Fix links for switching to and downloading themes (they require a POST for security reasons).

---
 app/views/admin/themes/_tools.rhtml |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/views/admin/themes/_tools.rhtml b/app/views/admin/themes/_tools.rhtml
index 215a3a7..00970c7 100644
--- a/app/views/admin/themes/_tools.rhtml
+++ b/app/views/admin/themes/_tools.rhtml
@@ -10,12 +10,12 @@
   <div id="theme-options">
     <ul>
     <% unless @theme.current? -%>
-      <li><%= link_to 'Use theme', :action => 'change_to', :id => @theme %></li>
+      <li><%= link_to 'Use theme', { :action => 'change_to', :id => @theme }, :method => :post %></li>
       <li><%= link_to 'Edit theme', :controller => 'design', :action => 'index', :theme => @theme %></li>
     <% else -%>
       <li><%= link_to 'Edit theme', :controller => 'design', :action => 'index' %></li>
     <% end -%>
-      <li><%= link_to 'Download theme', :action => 'export', :id => @theme %></li>
+      <li><%= link_to 'Download theme', { :action => 'export', :id => @theme }, :method => :post %></li>
     <% unless @theme.current? -%>
       <li><%= link_to_remote 'Delete theme', :url => {:action => 'destroy', :id => @theme}, :method => :delete,
                 :confirm => "Are you sure you wish to delete this theme stored at 'themes/site-#{site.id}/#{@theme.path.relative_path_from(site.theme_path).to_s}'?" %></li>
--
1.5.3.1
	From 797e8a43b49fdc26720b1cda80da2735fe724c66 Mon Sep 17 00:00:00 2001
	From: Andrew Dupont <prototype@andrewdupont.net>
	Date: Sat, 25 Oct 2008 16:16:39 -0500
	Subject: [PATCH] Fix links for switching to and downloading themes (they require a POST for security reasons).

	---
	app/views/admin/themes/_tools.rhtml \| 4 ++--
	1 files changed, 2 insertions(+), 2 deletions(-)

	diff --git a/app/views/admin/themes/_tools.rhtml b/app/views/admin/themes/_tools.rhtml
	index 215a3a7..00970c7 100644
	--- a/app/views/admin/themes/_tools.rhtml
	+++ b/app/views/admin/themes/_tools.rhtml
	@@ -10,12 +10,12 @@
	<div id="theme-options">
	<ul>
	<% unless @theme.current? -%>
	- <li><%= link_to 'Use theme', :action => 'change_to', :id => @theme %></li>
	+ <li><%= link_to 'Use theme', { :action => 'change_to', :id => @theme }, :method => :post %></li>
	<li><%= link_to 'Edit theme', :controller => 'design', :action => 'index', :theme => @theme %></li>
	<% else -%>
	<li><%= link_to 'Edit theme', :controller => 'design', :action => 'index' %></li>
	<% end -%>
	- <li><%= link_to 'Download theme', :action => 'export', :id => @theme %></li>
	+ <li><%= link_to 'Download theme', { :action => 'export', :id => @theme }, :method => :post %></li>
	<% unless @theme.current? -%>
	<li><%= link_to_remote 'Delete theme', :url => {:action => 'destroy', :id => @theme}, :method => :delete,
	:confirm => "Are you sure you wish to delete this theme stored at 'themes/site-#{site.id}/#{@theme.path.relative_path_from(site.theme_path).to_s}'?" %></li>
	--
	1.5.3.1