From 6b9899d11cb84fcb2d46ebc69a8764f4e24e2889 Mon Sep 17 00:00:00 2001
From: Duncan Sommerville
Date: Fri, 26 Jun 2015 10:45:26 -0400
Subject: [PATCH] SAAS-882 - Switch edit user page to use new-style csrf generation
---
 airtime_mvc/application/forms/EditUser.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/airtime_mvc/application/forms/EditUser.php b/airtime_mvc/application/forms/EditUser.php
index 9b8311c7e..d9486113f 100644
--- a/airtime_mvc/application/forms/EditUser.php
+++ b/airtime_mvc/application/forms/EditUser.php
@@ -23,9 +23,10 @@ class Application_Form_EditUser extends Zend_Form
 array('ViewScript', array('viewScript' => 'form/edit-user.phtml', "currentUser" => $currentUser->getLogin()))));
 $this->setAttrib('id', 'current-user-form');
- $this->addElement('hash', 'csrf', array(
- 'salt' => 'unique'
- ));
+ $csrf_namespace = new Zend_Session_Namespace('csrf_namespace');
+ $csrf_element = new Zend_Form_Element_Hidden('csrf');
+ $csrf_element->setValue($csrf_namespace->authtoken)->setRequired('true')->removeDecorator('HtmlTag')->removeDecorator('Label');
+ $this->addElement($csrf_element);
 $hidden = new Zend_Form_Element_Hidden('cu_user_id');
 $hidden->setDecorators(array('ViewHelper'));
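Review bot: Nothing in the added lines compares the submitted `csrf` value with `$csrf_namespace->authtoken`; `setRequired('true')` only rejects an empty field, whereas the removed `hash` element checked the posted token against the session on its own. Unless the controller verifies the token outside this hunk, any non-empty value would pass `isValid()`, so I would bind the check to the element itself, e.g. `$csrf_element->addValidator('Identical', true, array($csrf_namespace->authtoken));`. `setRequired('true')` should also be given the boolean `true`, since the string is accepted only by truthiness. The enclosing method starts and ends outside the hunk, so where `authtoken` is generated and verified cannot be confirmed from here.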