alex
/
orbit4-5
forked from saurabh/orbit4-5
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix member edit_password authorization

This commit is contained in:
manson 2014-08-08 18:29:44 +08:00
parent bbc171fc7c
commit 4be2993a9a
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/controllers/orbit_member_controller.rb
View File

@ -10,6 +10,7 @@ class OrbitMemberController < ApplicationController
@user_has_privileges = true
else
visited_user = MemberProfile.find_by(:uid => params[:id].split("-").last).user.id rescue nil
visited_user = MemberProfile.find_by(:uid => params[:member_id].split("-").last).user.id rescue nil
visited_user = MemberProfile.find_by(:uid => params[:uid]).user.id if visited_user.nil? rescue nil
visited_user = MemberProfile.find(params[:member_profile_id]).user.id if visited_user.nil? rescue nil
if current_user.id == visited_user