X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/ff97501ed01488f8ff8e9d2e7b93b4f295f71725..ee53b7a298e75ac4c75866d6edea0a2611bdb663:/app/controllers/user_controller.rb diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 2ff9646e6..82373c90a 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -268,7 +268,7 @@ class UserController < ApplicationController def logout @title = t "user.logout.title" - if params[:session] == request.session_options[:id] + if params[:session] == session.id if session[:token] token = UserToken.find_by(:token => session[:token]) token.destroy if token @@ -480,9 +480,11 @@ class UserController < ApplicationController redirect_to url_for(:status => params[:status], :ip => params[:ip], :page => params[:page]) else + @params = params.permit(:status, :ip) + conditions = {} - conditions[:status] = params[:status] if params[:status] - conditions[:creation_ip] = params[:ip] if params[:ip] + conditions[:status] = @params[:status] if @params[:status] + conditions[:creation_ip] = @params[:ip] if @params[:ip] @user_pages, @users = paginate(:users, :conditions => conditions, @@ -494,7 +496,7 @@ class UserController < ApplicationController ## # omniauth success callback def auth_success - auth_info = env["omniauth.auth"] + auth_info = request.env["omniauth.auth"] provider = auth_info[:provider] uid = auth_info[:uid] @@ -543,7 +545,7 @@ class UserController < ApplicationController when "pending" then unconfirmed_login(user) when "active", "confirmed" then - successful_login(user, env["omniauth.params"]["referer"]) + successful_login(user, request.env["omniauth.params"]["referer"]) when "suspended" then failed_login t("user.login.account is suspended", :webmaster => "mailto:#{SUPPORT_EMAIL}") else @@ -723,8 +725,8 @@ class UserController < ApplicationController # Ignore errors sending email end else - @user.errors.set(:new_email, @user.errors.get(:email)) - @user.errors.set(:email, []) + @user.errors.add(:new_email, @user.errors[:email]) + @user.errors.add(:email, []) end user.restore_email!