diff options
Diffstat (limited to 'modules/user')
| -rw-r--r-- | modules/user/controllers/password.php | 4 | ||||
| -rw-r--r-- | modules/user/views/login.html.php | 30 |
2 files changed, 19 insertions, 15 deletions
diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php index 3b0eac66..2dde11b8 100644 --- a/modules/user/controllers/password.php +++ b/modules/user/controllers/password.php @@ -19,9 +19,9 @@ */ class Password_Controller extends Controller { public function reset() { - access::verify_csrf(); - if (request::method() == "post") { + // @todo separate the post from get parts of this function + access::verify_csrf(); $this->_send_reset(); } else { print $this->_reset_form(); diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php index 3889f06e..7617d131 100644 --- a/modules/user/views/login.html.php +++ b/modules/user/views/login.html.php @@ -1,18 +1,22 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> <ul id="gLoginMenu"> <? if ($user->guest): ?> - <li class="first"><a href="<?= url::site("login/ajax") ?>" - title="<?= t("Login to Gallery") ?>" - id="gLoginLink"><?= t("Login") ?></a></li> + <li class="first"> + <a href="<?= url::site("login/ajax") ?>" + title="<?= t("Login to Gallery") ?>" + id="gLoginLink"><?= t("Login") ?></a> + </li> <? else: ?> - <li class="first"><?= - t('Logged in as %name', - array('name' => - '<a href="' . url::site("form/edit/users/{$user->id}") . - '" title="' . t("Edit Your Profile") . - '" id="gUserProfileLink" class="gDialogLink">' . - p::clean(empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?></li> - <li><a href="<?= url::site("logout?csrf=$csrf&continue=" . url::current(true)) ?>" - id="gLogoutLink"><?= t("Logout") ?></a></li> - <? endif; ?> + <li class="first"> + <?= t('Logged in as %name', array('name' => + '<a href="' . url::site("form/edit/users/{$user->id}") . + '" title="' . t("Edit Your Profile") . + '" id="gUserProfileLink" class="gDialogLink">' . + p::clean(empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?> + </li> + <li> + <a href="<?= url::site("logout?csrf=$csrf&continue=" . url::current(true)) ?>" + id="gLogoutLink"><?= t("Logout") ?></a> + </li> + <? endif ?> </ul> |