X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/091473602b61f013c5daa369fb63143802a630c5..17db0b2d5566ec4dbf0f279ad3ad7dc754b1dfb5:/app/controllers/user_controller.rb

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index d89d483f2..325d7b3fe 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -26,13 +26,12 @@ class UserController < ApplicationController
       render :partial => "terms"
     else
       @title = t 'user.terms.title'
-      @user ||= session[:new_user]
 
-      if !@user
-        redirect_to :action => :login, :referer => request.fullpath
-      elsif @user.terms_agreed?
+      if @user and @user.terms_agreed?
         # Already agreed to terms, so just show settings
         redirect_to :action => :account, :display_name => @user.display_name
+      elsif session[:new_user].nil?
+        redirect_to :action => :login, :referer => request.fullpath
       end
     end
   end
@@ -80,19 +79,26 @@ class UserController < ApplicationController
         @user.data_public = true
         @user.description = "" if @user.description.nil?
         @user.creation_ip = request.remote_ip
-        @user.languages = request.user_preferred_languages
+        @user.languages = http_accept_language.user_preferred_languages
         @user.terms_agreed = Time.now.getutc
         @user.terms_seen = true
         @user.openid_url = nil if @user.openid_url and @user.openid_url.empty?
 
         if @user.save
-          flash[:piwik_goal] = PIWIK_SIGNUP_GOAL if defined?(PIWIK_SIGNUP_GOAL)
+          flash[:piwik_goal] = PIWIK["goals"]["signup"] if defined?(PIWIK)
+
+          referer = welcome_path
 
           begin
-            referer_params = Rack::Utils.parse_query(URI(session[:referer]).query)
-            referer = welcome_path(referer_params.slice(:lat, :lon, :zoom, :editor))
+            uri = URI(session[:referer])
+            /map=(.*)\/(.*)\/(.*)/.match(uri.fragment) do |m|
+              editor = Rack::Utils.parse_query(uri.query).slice('editor')
+              referer = welcome_path({'zoom' => m[1],
+                                      'lat' => m[2],
+                                      'lon' => m[3]}.merge(editor))
+            end
           rescue
-            referer = welcome_path
+            # Use default
           end
 
           if @user.status == "active"
@@ -244,7 +250,7 @@ class UserController < ApplicationController
     else
       session[:referer] = params[:referer]
 
-      @user = User.new(params[:user])
+      @user = User.new(user_params)
       @user.status = "pending"
 
       if @user.openid_url.present? && @user.pass_crypt.empty?
@@ -725,7 +731,7 @@ private
 
       cookies.permanent["_osm_username"] = user.display_name
 
-      if user.new_email.blank?
+      if user.new_email.blank? or user.new_email == user.email
         flash.now[:notice] = t 'user.account.flash update success'
       else
         user.email = user.new_email
@@ -802,4 +808,10 @@ private
     # it's .now so that this doesn't propagate to other pages.
     flash.now[:skip_terms] = true
   end
+
+  ##
+  # return permitted user parameters
+  def user_params
+    params.require(:user).permit(:email, :email_confirmation, :display_name, :openid_url, :pass_crypt, :pass_crypt_confirmation)
+  end
 end