Index: openacs-4/packages/search/lib/navbar.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/search/lib/navbar.tcl,v
diff -u -r1.5 -r1.6
--- openacs-4/packages/search/lib/navbar.tcl	27 Oct 2014 16:41:54 -0000	1.5
+++ openacs-4/packages/search/lib/navbar.tcl	7 Aug 2017 23:48:29 -0000	1.6
@@ -12,38 +12,48 @@
 set first_page_in_group [expr { $current_page_group * $pages_per_group }]
 set last_page_in_group [expr { ($current_page_group + 1) * $pages_per_group - 1 }]
 
+security::csrf::new
+if {[info exists ::__csrf_token]} {set __csrf_token $::__csrf_token}
+
 if { $current_page_group >= 1 } {
     set offset [expr {($current_page_group - 1) * $pages_per_group * $limit}]
-    set url_previous_group [export_vars -base search {{q $urlencoded_query} search_package_id offset num}]
+    set url_previous_group [export_vars -base search {q search_package_id offset num __csrf_token}]
 } else {
     set url_previous_group ""
 }
 
 if { $current_page_group < $last_page_group } {
     set offset [expr {($current_page_group + 1) * $pages_per_group * $limit}]
-    set url_next_group [export_vars -base search {{q $urlencoded_query} search_package_id offset num}]
+    set url_next_group [export_vars -base search {q search_package_id offset num __csrf_token}]
 } else {
     set url_next_group ""
 }
 
 if { $current_result_page > 0 } { 
     set offset [expr {($current_result_page - 1) * $limit}]
-    set url_previous [export_vars -base search {{q $urlencoded_query} search_package_id offset num}]
+    set url_previous [export_vars -base search {q search_package_id offset num __csrf_token}]
 } else {
     set url_previous ""
 }
 
 if { $current_result_page < $last_result_page } { 
     set offset [expr {$current_result_page * $limit + $limit}]
-    set url_next [export_vars -base search {{q $urlencoded_query} search_package_id offset num}]
+    set url_next [export_vars -base search {q search_package_id offset num __csrf_token}]
 } else {
     set url_next ""
 }
 
 template::multirow create results_paginator item link current_p
 for { set __i $from_result_page } { $__i <= $to_result_page} { incr __i } {
-    set link "search?q=${urlencoded_query}&search_package_id=$search_package_id"
-    append link "&offset=[expr {$__i * $limit}]"
-    append link "&num=$num"
+    set offset [expr {$__i * $limit}]
+    set link [export_vars -base search {q search_package_id offset num __csrf_token}]
     template::multirow append results_paginator [expr {$__i + 1}] $link [expr {$__i == $current_result_page}]
 }
+
+ad_return_template [template::themed_template /packages/search/lib/navbar]
+
+# Local variables:
+#    mode: tcl
+#    tcl-indent-level: 4
+#    indent-tabs-mode: nil
+# End: