Permalink
Browse files

Protection is in.

  • Loading branch information...
1 parent effbb9c commit 3a1850ef63a741722c9a136eb97c781aefdd7098 @livid committed Dec 31, 2011
Showing with 8 additions and 5 deletions.
  1. +2 −1 backstage.py
  2. +2 −0 member.py
  3. +1 −1 tpl/desktop/common/bottom.html
  4. +3 −3 tpl/desktop/member_home.html
View
3 backstage.py
@@ -1561,8 +1561,9 @@ def get(self, topic_num):
class BackstageDeactivateUserHandler(webapp.RequestHandler):
def get(self, key):
member = CheckAuth(self)
+ t = self.request.get('t')
if member:
- if member.level == 0:
+ if (member.level == 0) and (str(member.created_ts) == str(t)):
one = db.get(db.Key(key))
if one:
if one.num != 1:
View
2 member.py
@@ -630,6 +630,8 @@ def post(self):
template_values['password_error'] = password_error
template_values['password_error_message'] = password_error_messages[password_error]
if ((password_error == 0) and (password_update == True)):
+ old_auth = member.auth
+ memcache.delete(old_auth)
member.password = hashlib.sha1(password_new).hexdigest()
member.auth = hashlib.sha1(str(member.num) + ':' + member.password).hexdigest()
member.put()
View
2 tpl/desktop/common/bottom.html
@@ -1,5 +1,5 @@
<div id="Bottom">
- <div id="BottomMain"><div class="fr" align="right"><a href="http://www.linode.com/?r=af313ea8a6bb6f99aff800c67349cabbfee2682f" target="_blank"><img src="/static/img/linode.png" border="0" alt="Linode" /></a><div class="sep10"></div><strong><a href="http://www.linode.com/?r=af313ea8a6bb6f99aff800c67349cabbfee2682f" target="_blank">Linode - 互联网上最好的云主机</a>
+ <div id="BottomMain"><div class="fr" align="right"><a href="http://www.linode.com/?r=af313ea8a6bb6f99aff800c67349cabbfee2682f" target="_blank"><img src="/static/img/linode.png" border="0" alt="Linode" /></a><div class="sep10"></div><strong><a href="http://www.linode.com/?r=af313ea8a6bb6f99aff800c67349cabbfee2682f" target="_blank">Linode - 互联网上最好的云主机</a></strong>
</div>
<strong><a href="/about" class="dark">关于</a></strong> &nbsp; | &nbsp; <strong><a href="/faq" class="dark">FAQ</a></strong> &nbsp; | &nbsp; <strong><a href="/mission" class="dark">我们的愿景</a></strong> &nbsp; | &nbsp; <strong><a href="http://picky.olivida.com/" class="dark" target="_blank">博客</a></strong> &nbsp; | &nbsp; <strong><a href="/advertise" class="dark">广告投放</a></strong> &nbsp; | &nbsp; <strong><a href="https://workspace.v2ex.com/" class="dark" target="_blank">{{ l10n.workspace }}</a></strong> &nbsp; | &nbsp; <strong><a href="http://www.v2ex.com/start" class="dark" target="_blank">上网首页</a></strong>
<div class="sep10"></div>
View
6 tpl/desktop/member_home.html
@@ -30,14 +30,14 @@
{% if show_block %}
<div class="sep10"></div>
{% if one_is_blocked %}
- <input type="button" value="撤销屏蔽" class="super normal button" onclick="recordOutboundLink(this, 'Social Graph', 'unblock'); location.href = '/unblock/{{ one.key }}';" />
+ <input type="button" value="撤销屏蔽" class="super normal button" onclick="recordOutboundLink(this, 'Social Graph', 'unblock'); location.href = '/unblock/{{ one.key }}?t={{ member.created_ts }}';" />
{% else %}
- <input type="button" value="屏蔽此人" class="super normal button" onclick="recordOutboundLink(this, 'Social Graph', 'block'); location.href = '/block/{{ one.key }}';" />
+ <input type="button" value="屏蔽此人" class="super normal button" onclick="recordOutboundLink(this, 'Social Graph', 'block'); location.href = '/block/{{ one.key }}?t={{ member.created_ts }}';" />
{% endif %}
{% endif %}
{% if show_extra_options %}
<div class="sep10"></div>
- <div align="center"><small><strong><a href="/backstage/deactivate/user/{{ one.key }}" class="dark">DEACTIVATE</a></strong></small></div>
+ <div align="center"><small><strong><a href="/backstage/deactivate/user/{{ one.key }}?t={{ member.created_ts }}" class="dark">DEACTIVATE</a></strong></small></div>
{% endif %}
{% if member %}{% ifequal member.level 0 %}<div class="sep10"></div><div align="center"><a href="/backstage/member/{{ one.username }}"><img src="/static/img/gear.png" border="0" alt="管理" /></a></div>{% endifequal %}{% endif %}
</td>

0 comments on commit 3a1850e

Please sign in to comment.