From a18ddd2fe9a920115df580a1ded5b2e33bb12a02 Mon Sep 17 00:00:00 2001
From: Andy Staudacher <andy.st@gmail.com>
Date: Sat, 27 Feb 2010 15:39:36 -0800
Subject: Add more randomness to reset password mechanism.

---
 modules/user/controllers/password.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/user/controllers')

diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index f5190974..38fa66be 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -52,7 +52,7 @@ class Password_Controller extends Controller {
     $user_name = $form->reset->inputs["name"]->value;
     $user = user::lookup_by_name($user_name);
     if ($user && !empty($user->email)) {
-      $user->hash = md5(rand());
+      $user->hash = md5(uniqid(mt_rand(), true));
       $user->save();
       $message = new View("reset_password.html");
       $message->confirm_url = url::abs_site("password/do_reset?key=$user->hash");
-- 
cgit v1.2.3


From 74113f869a37bd5eda1175c9eb520b938c4793c4 Mon Sep 17 00:00:00 2001
From: Andy Staudacher <andy.st@gmail.com>
Date: Sat, 27 Feb 2010 20:21:22 -0800
Subject: Fix for ticket #1037: Only show language drop-down when there's
 actually a choice.

---
 modules/gallery/helpers/gallery_block.php | 2 +-
 modules/user/controllers/users.php        | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

(limited to 'modules/user/controllers')

diff --git a/modules/gallery/helpers/gallery_block.php b/modules/gallery/helpers/gallery_block.php
index 46742743..eabdcebc 100644
--- a/modules/gallery/helpers/gallery_block.php
+++ b/modules/gallery/helpers/gallery_block.php
@@ -93,7 +93,7 @@ class gallery_block_Core {
 
     case "language":
       $locales = locales::installed();
-      if (count($locales)) {
+      if (count($locales) > 1) {
         foreach ($locales as $locale => $display_name) {
           $locales[$locale] = SafeString::of_safe_html($display_name);
         }
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php
index cd7d271f..a5fdd994 100644
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
@@ -30,7 +30,8 @@ class Users_Controller extends Controller {
       $user->full_name = $form->edit_user->full_name->value;
       $user->url = $form->edit_user->url->value;
 
-      if ($user->locale !=  $form->edit_user->locale->value) {
+      if (count(locales::installed()) > 1 &&
+          $user->locale != $form->edit_user->locale->value) {
         $user->locale = $form->edit_user->locale->value;
         $flush_locale_cookie = true;
       }
@@ -221,6 +222,10 @@ class Users_Controller extends Controller {
   /** @todo combine with Admin_Users_Controller::_add_locale_dropdown */
   private function _add_locale_dropdown(&$form, $user=null) {
     $locales = locales::installed();
+    if (count($locales) <= 1) {
+      return;
+    }
+
     foreach ($locales as $locale => $display_name) {
       $locales[$locale] = SafeString::of_safe_html($display_name);
     }
-- 
cgit v1.2.3