diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2009-06-06 15:24:49 -0700 |
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2009-06-06 15:24:49 -0700 |
| commit | b9ee6f7d185c734dcff595d06d9c6e6fda5822ac (patch) | |
| tree | 4cc37bde852469449afd0989bfceeeddac84a200 /modules/user | |
| parent | 0e415dae9b29d792f631d3b94349086b8094c920 (diff) | |
| parent | b179b106c2b4d3971498f513ffc71eff1b6b1a5d (diff) | |
Merge branch 'master' of git@github.com:gallery/gallery3
Diffstat (limited to 'modules/user')
| -rw-r--r-- | modules/user/controllers/password.php | 4 | ||||
| -rw-r--r-- | modules/user/views/login.html.php | 30 |
2 files changed, 19 insertions, 15 deletions
diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php index 3b0eac66..2dde11b8 100644 --- a/modules/user/controllers/password.php +++ b/modules/user/controllers/password.php @@ -19,9 +19,9 @@ */ class Password_Controller extends Controller { public function reset() { - access::verify_csrf(); - if (request::method() == "post") { + // @todo separate the post from get parts of this function + access::verify_csrf(); $this->_send_reset(); } else { print $this->_reset_form(); diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php index 3889f06e..7617d131 100644 --- a/modules/user/views/login.html.php +++ b/modules/user/views/login.html.php @@ -1,18 +1,22 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> <ul id="gLoginMenu"> <? if ($user->guest): ?> - <li class="first"><a href="<?= url::site("login/ajax") ?>" - title="<?= t("Login to Gallery") ?>" - id="gLoginLink"><?= t("Login") ?></a></li> + <li class="first"> + <a href="<?= url::site("login/ajax") ?>" + title="<?= t("Login to Gallery") ?>" + id="gLoginLink"><?= t("Login") ?></a> + </li> <? else: ?> - <li class="first"><?= - t('Logged in as %name', - array('name' => - '<a href="' . url::site("form/edit/users/{$user->id}") . - '" title="' . t("Edit Your Profile") . - '" id="gUserProfileLink" class="gDialogLink">' . - p::clean(empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?></li> - <li><a href="<?= url::site("logout?csrf=$csrf&continue=" . url::current(true)) ?>" - id="gLogoutLink"><?= t("Logout") ?></a></li> - <? endif; ?> + <li class="first"> + <?= t('Logged in as %name', array('name' => + '<a href="' . url::site("form/edit/users/{$user->id}") . + '" title="' . t("Edit Your Profile") . + '" id="gUserProfileLink" class="gDialogLink">' . + p::clean(empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?> + </li> + <li> + <a href="<?= url::site("logout?csrf=$csrf&continue=" . url::current(true)) ?>" + id="gLogoutLink"><?= t("Logout") ?></a> + </li> + <? endif ?> </ul> |