Diffstat (limited to 'modules/user')
-rw-r--r-- | modules/user/controllers/logout.php | 11 | ||||
-rw-r--r-- | modules/user/models/user.php | 9 | ||||
-rw-r--r-- | modules/user/views/login.html.php | 4 |
3 files changed, 17 insertions, 7 deletions
diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php index 63971789..099b1952 100644 --- a/modules/user/controllers/logout.php +++ b/modules/user/controllers/logout.php @@ -19,18 +19,19 @@ */ class Logout_Controller extends Controller { public function index() { - access::verify_csrf(); + //access::verify_csrf(); $user = user::active(); user::logout(); log::info("user", t("User %name logged out", array("name" => p::clean($user->name))), html::anchor("user/$user->id", p::clean($user->name))); - if ($this->input->get("continue")) { - $item = url::get_item_from_uri($this->input->get("continue")); + if ($continue_url = $this->input->get("continue")) { + $item = url::get_item_from_uri($continue_url); if (access::can("view", $item)) { - url::redirect($this->input->get("continue")); + // Don't use url::redirect() because it'll call url::site() and munge the continue url. + header("Location: $continue_url"); } else { - url::redirect(""); + url::redirect("albums/1"); } } } diff --git a/modules/user/models/user.php b/modules/user/models/user.php index 0234f186..def65a6f 100644 --- a/modules/user/models/user.php +++ b/modules/user/models/user.php @@ -72,4 +72,13 @@ class User_Model extends ORM { } return $this; } + + /** + * Return the best version of the user's name. Either their specified full name, or fall back + * to the user name. + * @return string + */ + public function display_name() { + return empty($this->full_name) ? $this->name : $this->full_name; + } }
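Review bot: `header("Location: $continue_url")` sends the request's `continue` parameter back as the redirect target, and nothing visible in this hunk limits it to a path on this site; whether `url::get_item_from_uri()` and `access::can("view", $item)` reject an off-site URL cannot be seen from here, so treat it as an open redirect until that is confirmed. Accept only a site-relative target (no scheme, no host, no leading `//`) before emitting the header, and fall back to `url::redirect("albums/1")` otherwise. Execution also continues after a bare `header()` call, so follow it with `exit;` if `url::redirect()` was relied on to end the request (its body is not shown). Separately, the hunk comments out `access::verify_csrf();` while the logout link in login.html.php still sends `csrf=$csrf`, which lets any third-party page log a user out; restore the call, or delete the line and add a comment explaining why logout is exempt.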
\ No newline at end of file diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php index 7617d131..10ed31b2 100644 --- a/modules/user/views/login.html.php +++ b/modules/user/views/login.html.php @@ -12,10 +12,10 @@ '<a href="' . url::site("form/edit/users/{$user->id}") . '" title="' . t("Edit Your Profile") . '" id="gUserProfileLink" class="gDialogLink">' . - p::clean(empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?> + p::clean($user->display_name()) . '</a>')) ?> </li> <li> - <a href="<?= url::site("logout?csrf=$csrf&continue=" . url::current(true)) ?>" + <a href="<?= url::site("logout?csrf=$csrf&continue=" . urlencode(url::current(true))) ?>" id="gLogoutLink"><?= t("Logout") ?></a> </li> <? endif ?> |
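Review bot: The docblock for `display_name()` in modules/user/models/user.php should state that the returned string is not HTML-escaped, since the method is meant to be called from views and the name fields are presumably user-editable. Suggested extra line: `* The value is not escaped; pass it through p::clean() before writing it into HTML.` The one caller changed in this commit (login.html.php) does wrap it in `p::clean()`, so this is documentation only.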
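Review bot: In the logout link in modules/user/views/login.html.php, `continue` is now passed through `urlencode()` but `$csrf` on the same line is still interpolated as-is, and the href is echoed with a bare `&` rather than `&amp;`. For consistency write `"logout?csrf=" . urlencode($csrf) . "&continue=" . urlencode(url::current(true))`; whether `$csrf` can ever contain reserved characters is not visible here. Keeping the token in a GET query string also exposes it to browser history, server logs and Referer headers, and the logout controller in this commit no longer verifies it, so the link carries the token for no benefit as the code stands.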