Index: includes/batch.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/batch.inc,v retrieving revision 1.1 diff -u -r1.1 batch.inc --- includes/batch.inc 4 May 2007 09:41:36 -0000 1.1 +++ includes/batch.inc 13 May 2007 13:55:03 -0000 @@ -8,11 +8,9 @@ * State based dispatcher for batches. */ function _batch_page() { - global $user; - $batch =& batch_get(); - if (isset($_REQUEST['id']) && $data = db_result(db_query("SELECT batch FROM {batch} WHERE bid = %d AND sid = %d", $_REQUEST['id'], $user->sid))) { + if (isset($_REQUEST['id']) && $data = db_result(db_query("SELECT batch FROM {batch} WHERE bid = %d AND token = %d", $_REQUEST['id'], drupal_get_token($_REQUEST['id'])))) { $batch = unserialize($data); } else { Index: includes/form.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/form.inc,v retrieving revision 1.194 diff -u -r1.194 form.inc --- includes/form.inc 7 May 2007 10:15:57 -0000 1.194 +++ includes/form.inc 13 May 2007 13:55:04 -0000 @@ -1834,7 +1834,7 @@ * URL of the batch processing page. */ function batch_process($redirect = NULL, $url = NULL) { - global $form_values, $user; + global $form_values; $batch =& batch_get(); // batch_process should not be called inside form _submit callbacks, or while a @@ -1868,7 +1868,7 @@ $batch['destination'] = $_REQUEST['edit']['destination']; unset($_REQUEST['edit']['destination']); } - db_query("INSERT INTO {batch} (bid, sid, timestamp, batch) VALUES (%d, %d, %d, '%s')", $batch['id'], $user->sid, time(), serialize($batch)); + db_query("INSERT INTO {batch} (bid, token, timestamp, batch) VALUES (%d, %d, %d, '%s')", $batch['id'], drupal_get_token($batch['id']), time(), serialize($batch)); drupal_goto($batch['url'], 'op=start&id='. $batch['id']); } else { Index: update.php =================================================================== RCS file: /cvs/drupal/drupal/update.php,v retrieving revision 1.221 diff -u -r1.221 update.php --- update.php 9 May 2007 11:39:23 -0000 1.221 +++ update.php 13 May 2007 13:55:03 -0000 @@ -685,22 +685,22 @@ case 'mysqli': $ret[] = update_sql("CREATE TABLE {batch} ( bid int(11) NOT NULL, - sid varchar(64) NOT NULL, + token varchar(64) NOT NULL, timestamp int(11) NOT NULL, batch longtext, PRIMARY KEY (bid), - KEY sid (sid) + KEY token (token) ) /*!40100 DEFAULT CHARACTER SET UTF8 */ "); break; case 'pgsql': $ret[] = update_sql("CREATE TABLE {batch} ( bid int NOT NULL default '0', - sid varchar(64) NOT NULL default '', + token varchar(64) NOT NULL default '', timestamp int NOT NULL default '0', batch text, PRIMARY KEY (bid) )"); - $ret[] = update_sql("CREATE INDEX {batch}_sid_idx ON {batch} (sid)"); + $ret[] = update_sql("CREATE INDEX {batch}_token_idx ON {batch} (token)"); break; } return $ret; Index: modules/system/system.install =================================================================== RCS file: /cvs/drupal/drupal/modules/system/system.install,v retrieving revision 1.105 diff -u -r1.105 system.install --- modules/system/system.install 11 May 2007 07:33:46 -0000 1.105 +++ modules/system/system.install 13 May 2007 13:55:06 -0000 @@ -192,11 +192,11 @@ db_query("CREATE TABLE {batch} ( bid int(11) NOT NULL, - sid varchar(64) NOT NULL, + token varchar(64) NOT NULL, timestamp int(11) NOT NULL, batch longtext, PRIMARY KEY (bid), - KEY sid (sid) + KEY token (token) ) /*!40100 DEFAULT CHARACTER SET UTF8 */ "); db_query("CREATE TABLE {blocks} ( @@ -677,12 +677,12 @@ db_query("CREATE TABLE {batch} ( bid int NOT NULL default '0', - sid varchar(64) NOT NULL default '', + token varchar(64) NOT NULL default '', timestamp int NOT NULL default '0', batch text, PRIMARY KEY (bid) )"); - db_query("CREATE INDEX {batch}_sid_idx ON {batch} (sid)"); + db_query("CREATE INDEX {batch}_token_idx ON {batch} (token)"); db_query("CREATE TABLE {blocks} ( module varchar(64) DEFAULT '' NOT NULL,