Home Explore Help
Register Sign In
Omnimaga
/
SMF2.1
mirror of [email protected]:Omnimaga/SMF2.1.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

! Handle approval token via GET rather than POST (and actually send it in the request, usually helps), fixes #1194

Signed-off-by: Peter Spicer <[email protected]>
Peter Spicer 10 years ago
parent
87a7e1367c
commit
c4638b34ab
3 changed files with 8 additions and 1 deletions
Split View Show Diff Stats
  1. 6 0
      Sources/Profile-View.php
  2. 1 0
      Sources/Profile.php
  3. 1 1
      Themes/default/Profile.template.php

+ 6 - 0
Sources/Profile-View.php
View File 

@@ -113,6 +113,12 @@ function summary($memID)
 
 
 		// Should we show a custom message?
 
 		$context['activate_message'] = isset($txt['account_activate_method_' . $context['member']['is_activated'] % 10]) ? $txt['account_activate_method_' . $context['member']['is_activated'] % 10] : $txt['account_not_activated'];
 
+
 
+		// If they can be approved, we need to set up a token for them.
 
+		$context['token_check'] = 'profile-aa' . $memID;
 
+		createToken($context['token_check'], 'get');
 
+
 
+		$context['activate_link'] = $scripturl . '?action=profile;save;area=activateaccount;u=' . $context['id_member'] . ';' . $context['session_var'] . '=' . $context['session_id'] . ';' . $context[$context['token_check'] . '_token_var'] . '=' . $context[$context['token_check'] . '_token'];
 
 	}
 
 
 	// Is the signature even enabled on this forum?

+ 1 - 0
Sources/Profile.php
View File 

@@ -378,6 +378,7 @@ function ModifyProfile($post_errors = array())
 
 					'icon' => 'regcenter.png',
 
 					'sc' => 'get',
 
 					'token' => 'profile-aa%u',
 
+					'token_type' => 'get',
 
 					'permission' => array(
 
 						'own' => array(),
 
 						'any' => array('moderate_forum'),

+ 1 - 1
Themes/default/Profile.template.php
View File 

@@ -324,7 +324,7 @@ function template_summary()
 
 		// If the person looking at the summary has permission, and the account isn't activated, give the viewer the ability to do it themselves.
 
 		if (!empty($context['activate_message']))
 
 			echo '
 
-					<dt class="clear"><span class="alert">', $context['activate_message'], '</span>&nbsp;(<a href="' . $scripturl . '?action=profile;save;area=activateaccount;u=' . $context['id_member'] . ';' . $context['session_var'] . '=' . $context['session_id'] . '"', ($context['activate_type'] == 4 ? ' onclick="return confirm(\'' . $txt['profileConfirm'] . '\');"' : ''), '>', $context['activate_link_text'], '</a>)</dt>';
 
+					<dt class="clear"><span class="alert">', $context['activate_message'], '</span>&nbsp;(<a href="', $context['activate_link'], '"', ($context['activate_type'] == 4 ? ' onclick="return confirm(\'' . $txt['profileConfirm'] . '\');"' : ''), '>', $context['activate_link_text'], '</a>)</dt>';
 
 
 		// If the current member is banned, show a message and possibly a link to the ban.
 
 		if (!empty($context['member']['bans']))