diff options
-rw-r--r-- | actions/imsettings.php | 4 | ||||
-rw-r--r-- | actions/login.php | 19 |
2 files changed, 16 insertions, 7 deletions
diff --git a/actions/imsettings.php b/actions/imsettings.php index 368cd8b9e..904516f24 100644 --- a/actions/imsettings.php +++ b/actions/imsettings.php @@ -52,9 +52,7 @@ class ImsettingsAction extends SettingsAction { common_element_start('p'); common_element('span', 'address unconfirmed', $confirm->address); common_element('span', 'input_instructions', - sprintf(_('Awaiting confirmation on this address. Check your ' . - 'Jabber/GTalk account for a message with further ' . - 'instructions. (Did you add %s to your buddy list?)', + sprintf(_('Awaiting confirmation on this address. Check your Jabber/GTalk account for a message with further instructions. (Did you add %s to your buddy list?)', jabber_daemon_address()))); common_hidden('jabber', $confirm->address); common_element_end('p'); diff --git a/actions/login.php b/actions/login.php index 003d6613f..0f2dec1a4 100644 --- a/actions/login.php +++ b/actions/login.php @@ -109,10 +109,21 @@ class LoginAction extends Action { } function get_instructions() { - return _('Login with your username and password. ' . - 'Don\'t have a username yet? ' . - '[Register](%%action.register%%) a new account, or ' . - 'try [OpenID](%%action.openidlogin%%). '); + if (common_logged_in() && + !common_is_real_login() && + common_get_returnto()) + { + # rememberme logins have to reauthenticate before + # changing any profile settings (cookie-stealing protection) + return _('For security reasons, please re-enter your ' . + 'user name and password ' . + 'before changing your settings.'); + } else { + return _('Login with your username and password. ' . + 'Don\'t have a username yet? ' . + '[Register](%%action.register%%) a new account, or ' . + 'try [OpenID](%%action.openidlogin%%). '); + } } function show_top($error=NULL) { |