From dcc72a2a189dead27a118116d0eee5a1d18aa83e Mon Sep 17 00:00:00 2001
From: ichuang <ichuang@gmail.com>
Date: Sat, 26 May 2012 22:34:19 -0400
Subject: [PATCH] added csrf handling to quickedit

---
 djangoapps/courseware/views.py | 1 +
 templates/quickedit.html       | 1 +
 2 files changed, 2 insertions(+)

diff --git a/djangoapps/courseware/views.py b/djangoapps/courseware/views.py
index 313259bdb7..8c1cb3d46e 100644
--- a/djangoapps/courseware/views.py
+++ b/djangoapps/courseware/views.py
@@ -387,6 +387,7 @@ def quickedit(request, id=None):
                'pxmls' : pxmls,
                'phtml' : phtml,
                'init_js':instance.get_init_js(),
+               'csrf':csrf(request)['csrf_token'],
                }
 
     result = render_to_response('quickedit.html', context)
diff --git a/templates/quickedit.html b/templates/quickedit.html
index c08c5e3f51..35f76b09a7 100644
--- a/templates/quickedit.html
+++ b/templates/quickedit.html
@@ -53,6 +53,7 @@ function postJSON(url, data, callback) {
 <br/>
 <input type="submit" value="Change Problem" name="qesubmit" />
 <input type="submit" value="Revert to original" name="qesubmit" />
+<input type="hidden" name="csrfmiddlewaretoken" value="${csrf}"/>
 </form>
 
 <span>${msg|n}</span>