diff --git a/notification_button.py b/notification_button.py
index c4e8a64..3b86870 100755
--- a/notification_button.py
+++ b/notification_button.py
@@ -1,4 +1,5 @@
 import logging
+import subprocess
 
 import sys, getopt
 from config import config
@@ -21,8 +22,9 @@ def main(argv):
 
     session.update_csrf()
 
-    #todo: for board, postid and action args, send the request
-    session.post_actions(board=optdict['-b'], postid=optdict['-p'], actions=optdict['-a'])
+    res = session.post_actions(board=optdict['-b'], postid=optdict['-p'], actions=optdict['-a'])
+    if 'message' in res:
+        subprocess.call(['termux-toast', res['message']])
 
 if __name__ == '__main__':
     main(sys.argv[1:])
diff --git a/session.py b/session.py
index f5ee789..3f98be2 100644
--- a/session.py
+++ b/session.py
@@ -36,21 +36,34 @@ class ModSession(Session):
 
     def update_csrf(self):
         try:
-            res = self.get(url=f'{self.imageboard_url}/csrf.json',
-                headers={'Referer': f'{self.imageboard_url}/csrf.json'}).json()
-            if 'token' in res:
-                self.csrf_token = res['token']
-            else:
-                raise Exception('Unable to update csrf token')
+
+#            res = self.get(url=f'{self.imageboard_url}/csrf.json',
+#                headers={'Referer': f'{self.imageboard_url}/csrf.json'}).json()
+#            if 'token' in res:
+#                self.csrf_token = res['token']
+#            else:
+#                raise Exception('Unable to update csrf token')
+
+            #temporary hack to get csrf token to test on <=0.1.10
+            res2 = self.get(url=f'{self.imageboard_url}/account.html',
+                headers={'Referer': f'{self.imageboard_url}/account.html'})
+            csrfi = res2.text.index('_csrf')
+            self.csrf_token = res2.text[csrfi+14:csrfi+50]
+
         except requests.RequestException as e:
             logging.error(f'Exception {e} occurred while updating csrf token')
             raise Exception('Unable to update csrf token')
 
     def post_actions(self, **kwargs):
         try:
-            raise Exception('not implemented')
-#            res = self.post(url=f'{self.imageboard_url}/forms/board/{kwargs["board"]}/modactions',
-#                headers={'Referer': f'{self.imageboard_url}/forms/board/{kwargs["board"]}/modactions'}).json()
+            actions = kwargs['actions'].split(',')
+            body = {'checkedposts':kwargs["postid"],'_csrf':self.csrf_token,'log_message':'globalafk'}
+            for action in actions:
+                body[action] = '1'
+            res = self.post(url=f'{self.imageboard_url}/forms/board/{kwargs["board"]}/modactions',
+                headers={'Referer': f'{self.imageboard_url}/forms/board/{kwargs["board"]}/modactions','x-using-xhr': 'true'},
+                data=body).json()
+            return res
         except requests.RequestException as e:
-            logging.error(f'Exception {e} occurred while authenticating moderator')
+            logging.error(f'Exception {e} occurred while posting action')
             raise Exception('Failed to submit post actions')