Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v
diff -u -r1.8 -r1.8.2.1
--- openacs-4/packages/acs-tcl/tcl/security-procs.tcl	1 Mar 2002 23:16:13 -0000	1.8
+++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl	13 Mar 2002 18:45:48 -0000	1.8.2.1
@@ -1195,14 +1195,19 @@
 	return $tcl_secret_tokens($token_id)
     } else {
 	set token [ns_cache eval secret_tokens $token_id {
-	    return [db_string get_token {select token from secret_tokens
+	    set token [db_string get_token {select token from secret_tokens
                        	                 where token_id = :token_id} -default 0]
-	}]
 
-        if { $token == 0 } {
-	    error "Invalid token ID"
-	}
+	    # Very important to throw the error here if $token == 0
+	    # see: http://www.arsdigita.com/sdm/one-ticket?ticket_id=10760
 
+            if { $token == 0 } {
+	        error "Invalid token ID"
+	    }
+
+	    return $token
+	}]
+
 	set tcl_secret_tokens($token_id) $token
 	return $token