diff options
| -rw-r--r-- | app/controllers/user_controller.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 37cc0db99..77508e0c6 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -256,6 +256,9 @@ class UserController < ApplicationController user_alreadyexists = User.find_user_by_email(@signchangeemail.new_email) if user_alreadyexists UserMailer.deliver_changeemail_already_used(@user.email, @signchangeemail.new_email) + # it is important this screen looks the same as the one below, so + # you can't change to someone's email in order to tell if they are + # registered with that email on the site render :action => 'signchangeemail_confirm' return end @@ -271,6 +274,9 @@ class UserController < ApplicationController url = confirm_url(:email_token => post_redirect.email_token) UserMailer.deliver_changeemail_confirm(@user, @signchangeemail.new_email, url) + # it is important this screen looks the same as the one above, so + # you can't change to someone's email in order to tell if they are + # registered with that email on the site render :action => 'signchangeemail_confirm' return end |