Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v diff -u -r1.8 -r1.8.2.1 --- openacs-4/packages/acs-tcl/tcl/security-procs.tcl 1 Mar 2002 23:16:13 -0000 1.8 +++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl 13 Mar 2002 18:45:48 -0000 1.8.2.1 @@ -1195,14 +1195,19 @@ return $tcl_secret_tokens($token_id) } else { set token [ns_cache eval secret_tokens $token_id { - return [db_string get_token {select token from secret_tokens + set token [db_string get_token {select token from secret_tokens where token_id = :token_id} -default 0] - }] - if { $token == 0 } { - error "Invalid token ID" - } + # Very important to throw the error here if $token == 0 + # see: http://www.arsdigita.com/sdm/one-ticket?ticket_id=10760 + if { $token == 0 } { + error "Invalid token ID" + } + + return $token + }] + set tcl_secret_tokens($token_id) $token return $token