end
def change_password
- return unless request.post?
+ verify_post_request
if User.authenticate(current_user.login, params[:old_password], servlet_request)
if ((params[:password] == params[:password_confirmation]))
current_user.password = params[:password]
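Review bot: `verify_post_request` is defined outside this hunk, so it is not visible here whether it actually stops the action on a non-POST request, which the removed `return unless request.post?` did explicitly. If the helper only renders or sets a status without raising, the rest of `change_password` would still run for a GET, and the same applies to the call added in `update_notifications`. Once that is confirmed against the helper's definition, I would add a comment above the call such as `# raises unless the request is a POST; nothing below runs for other verbs`. The body of `change_password` continues past the end of the hunk.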
end
def update_notifications
+ verify_post_request
# Global notifs
global_notifs = params[:global_notifs]
Property.delete_all(['prop_key like ? AND user_id = ? AND resource_id IS NULL', 'notification.%', current_user.id])
<% if User.editable_password? %>
<div class="admin marginbottom10">
<h2><%= message('my_profile.password.title') -%></h2>
-
- <% form_tag({:action => 'change_password'}, :id => 'pass_form_tag', :name => 'pass_form_tag') do -%>
+
+ <form id="pass_form_tag" name="pass_form_tag" method="post" action="<%= ApplicationController.root_context -%>/account/change_password">
<table class="form">
<tr>
<td class="keyCell"><label for="old_password"><%= message('my_profile.password.old') -%>:</label></td>
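Review bot: The hand-written `<form id="pass_form_tag">` on the new side no longer goes through `form_tag`, the helper that adds the hidden `authenticity_token` field when Rails request-forgery protection is enabled. Nothing in this diff shows a token being emitted or checked another way, so please confirm that the password-change POST is still covered by a CSRF check; `verify_post_request`, judging by its name, checks only the HTTP verb. The same applies to the `notif_form` form further down. If Rails forgery protection is the mechanism in use, a hidden field inside the form would restore it: `<input type="hidden" name="authenticity_token" value="<%= form_authenticity_token -%>">`. The form's remaining fields lie outside this hunk.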
<td><%= submit_tag message('my_profile.password.submit') %></td>
</tr>
</table>
- <% end %>
+ </form>
- <script type="text/javascript">
+ <script>
//<![CDATA[
$('pass_form_tag').focusFirstElement();
//]]>
<% end -%>
<div class="admin marginbottom10">
- <% form_tag({:action => 'update_notifications'}, {:method => 'post', :id => 'notif_form'}) do %>
-
+ <form id="notif_form" method="post" action="<%= ApplicationController.root_context -%>/account/update_notifications">
<% unless @global_dispatchers.empty? -%>
<%= render "account/global_notifications" -%>
<br/><br/>
<% end %>
<br/><br/>
- <%= submit_tag message('my_profile.notifications.submit') %>
- <% end %>
+ <input type="submit" value="<%= message('my_profile.notifications.submit') -%>" name="commit">
+ </form>
</div>
</div>
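Review bot: The `value` attribute of the new submit `<input>` interpolates `message('my_profile.notifications.submit')` with no HTML escaping visible, whereas the removed `submit_tag` built the attribute through the tag helper, which escapes attribute values. If this template does not auto-escape `<%= %>` output (the block-style `<% form_tag … do %>` on the old side suggests an older Rails where it does not), a translation containing a double quote or `<` would break out of the attribute. Writing it as `value="<%= h message('my_profile.notifications.submit') -%>"` keeps the old behaviour.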