From 2e202460e606e079fe422eb477c863e95e532687 Mon Sep 17 00:00:00 2001
From: Tom Hughes
Date: Tue, 20 Apr 2010 11:05:55 +0100
Subject: [PATCH] Check that the token is valid before using it.
---
 app/views/site/edit.html.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/views/site/edit.html.erb b/app/views/site/edit.html.erb
index 3565b0468..779abd352 100644
--- a/app/views/site/edit.html.erb
+++ b/app/views/site/edit.html.erb
@@ -20,7 +20,7 @@
 <%= render :partial => 'search' %>
 <%
-session[:token] = @user.tokens.create.token unless session[:token]
+session[:token] = @user.tokens.create.token unless session[:token] and UserToken.find_by_token(session[:token])
 # Decide on a lat lon to initialise potlatch with. Various ways of doing this
 if params['lon'] and params['lat']
--
2.39.5
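Review bot: The lookup added on the `+session[:token]` line only shows that some `UserToken` row carries this value, not that the row belongs to `@user`, so a session still holding a token issued to a different account would be kept and passed on to the editor. Scoping the finder to the association closes that gap: `session[:token] = @user.tokens.create.token unless session[:token] and @user.tokens.find_by_token(session[:token])`. If `UserToken` records an expiry (its schema is not visible here), the check should presumably reject expired rows as well. The `<% ... %>` block this line sits in continues past the end of the hunk.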