X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/c016bf6c153eb1c416b2104874bf2e44c2f55913..0ea9f92be50a8763331a81d3c32a5f5a157265c6:/app/controllers/user_controller.rb

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 1ac3b1ca5..1193ec910 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -55,8 +55,14 @@ class UserController < ApplicationController
 
       if @user
         if @user.invalid?
-          # Something is wrong, so rerender the form
-          render :action => :new
+          if @user.new_record?
+            # Something is wrong with a new user, so rerender the form
+            render :action => :new
+          else
+            # Error in existing user, so go to account settings
+            flash[:errors] = @user.errors
+            redirect_to :action => :account, :display_name => @user.display_name
+          end
         elsif @user.terms_agreed?
           # Already agreed to terms, so just show settings
           redirect_to :action => :account, :display_name => @user.display_name
@@ -102,6 +108,7 @@ class UserController < ApplicationController
       if @user.save
         flash[:notice] = t 'user.new.flash create success message', :email => @user.email
         Notifier.deliver_signup_confirm(@user, @user.tokens.create(:referer => session.delete(:referer)))
+        session[:token] = @user.tokens.create.token
         redirect_to :action => 'login'
       else
         render :action => 'new'
@@ -133,6 +140,12 @@ class UserController < ApplicationController
       @user.home_lat = params[:user][:home_lat]
       @user.home_lon = params[:user][:home_lon]
 
+      if params[:user][:preferred_editor] == "default"
+        @user.preferred_editor = nil
+      else
+        @user.preferred_editor = params[:user][:preferred_editor]
+      end
+
       @user.openid_url = nil if params[:user][:openid_url].empty?
 
       if params[:user][:openid_url].length > 0 and
@@ -153,6 +166,13 @@ class UserController < ApplicationController
       openid_verify(nil, @user) do |user|
         update_user(user)
       end
+    else
+      if flash[:errors]
+        flash[:errors].each do |attr,msg|
+          attr = "new_email" if attr == "email" and !@user.new_email.nil?
+          @user.errors.add(attr,msg)
+        end
+      end
     end
   end
 
@@ -270,14 +290,29 @@ class UserController < ApplicationController
           user.save!
           referer = token.referer
           token.destroy
-          session[:user] = user.id
 
-          unless referer.nil?
+          if session[:token] 
+            token = UserToken.find_by_token(session[:token])
+            session.delete(:token)
+          else
+            token = nil
+          end
+
+          if token.nil? or token.user != user
             flash[:notice] = t('user.confirm.success')
-            redirect_to referer
+            redirect_to :action => :login, :referer => referer
           else
-            flash[:notice] = t('user.confirm.success') + "<br /><br />" + t('user.confirm.before you start')
-            redirect_to :action => 'account', :display_name => user.display_name
+            token.destroy
+
+            session[:user] = user.id
+
+            if referer.nil?
+              flash[:notice] = t('user.confirm.success') + "<br /><br />" + t('user.confirm.before you start')
+              redirect_to :action => :account, :display_name => user.display_name
+            else
+              flash[:notice] = t('user.confirm.success')
+              redirect_to referer
+            end
           end
         end
       else