X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/b825f4826ac1ce3382d168186d0e83ad2eeb0929..e19e996f1f8526567a2b6ec0c161628a24aee9ad:/app/controllers/user_controller.rb?ds=inline diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index c3cd9fcf2..3d97c58f1 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -26,13 +26,12 @@ class UserController < ApplicationController render :partial => "terms" else @title = t 'user.terms.title' - @user ||= session[:new_user] - if !@user - redirect_to :action => :login, :referer => request.fullpath - elsif @user.terms_agreed? + if @user and @user.terms_agreed? # Already agreed to terms, so just show settings redirect_to :action => :account, :display_name => @user.display_name + elsif @user.nil? and session[:new_user].nil? + redirect_to :action => :login, :referer => request.fullpath end end end @@ -80,13 +79,13 @@ class UserController < ApplicationController @user.data_public = true @user.description = "" if @user.description.nil? @user.creation_ip = request.remote_ip - @user.languages = request.user_preferred_languages + @user.languages = http_accept_language.user_preferred_languages @user.terms_agreed = Time.now.getutc @user.terms_seen = true @user.openid_url = nil if @user.openid_url and @user.openid_url.empty? if @user.save - flash[:piwik_goal] = PIWIK_SIGNUP_GOAL if defined?(PIWIK_SIGNUP_GOAL) + flash[:piwik_goal] = PIWIK["goals"]["signup"] if defined?(PIWIK) referer = welcome_path @@ -251,7 +250,7 @@ class UserController < ApplicationController else session[:referer] = params[:referer] - @user = User.new(params[:user]) + @user = User.new(user_params) @user.status = "pending" if @user.openid_url.present? && @user.pass_crypt.empty? @@ -732,7 +731,7 @@ private cookies.permanent["_osm_username"] = user.display_name - if user.new_email.blank? + if user.new_email.blank? or user.new_email == user.email flash.now[:notice] = t 'user.account.flash update success' else user.email = user.new_email @@ -809,4 +808,10 @@ private # it's .now so that this doesn't propagate to other pages. flash.now[:skip_terms] = true end + + ## + # return permitted user parameters + def user_params + params.require(:user).permit(:email, :email_confirmation, :display_name, :openid_url, :pass_crypt, :pass_crypt_confirmation) + end end