security: make sure the admin of repo can only delete comments which are from the same repo....
security: make sure the admin of a repo can only delete comments which are from the same repo. - fixes IDOR issue - protects against deletion of other people's comments by repo admins.

File last commit:

r1815:7cb6e1ce default
r1818:1ced1b24 default
my_account_profile.mako
54 lines | 1.7 KiB | application/x-mako | MakoHtmlLexer
## "My Profile" panel: read-only view of the profile fields of c.user
## (photo, username, first name, last name, email), with an Edit link that
## points at the 'my_account_edit' route.
##
## NOTE(review): the ${...} expressions below print c.user fields, which are
## presumably user-editable (see the Edit link). None of them carries an
## explicit `| h` filter, so HTML escaping depends entirely on the default
## filters configured for the template lookup, which this file does not show.
## Confirm that those defaults HTML-escape before treating this output as safe.
<%namespace name="base" file="/base/base.mako"/>
<div class="panel panel-default user-profile">
<div class="panel-heading">
<h3 class="panel-title">${_('My Profile')}</h3>
<a href="${url('my_account_edit')}" class="panel-edit">${_('Edit')}</a>
</div>
<div class="panel-body">
<div class="fieldset">
<div class="left-label">
${_('Photo')}:
</div>
<div class="right-content">
## Both branches call base.gravatar() with the user's email; only the size
## argument differs (100 vs 20), and the disabled branch adds a notice.
## NOTE(review): base.gravatar lives in /base/base.mako and is not visible
## here. Confirm that it does not derive an external avatar URL from the
## email address when c.visual.use_gravatar is false.
%if c.visual.use_gravatar:
${base.gravatar(c.user.email, 100)}
%else:
${base.gravatar(c.user.email, 20)}
${_('Avatars are disabled')}
%endif
</div>
</div>
<div class="fieldset">
<div class="left-label">
${_('Username')}:
</div>
<div class="right-content">
## Printed as-is; escaping relies on the default filters (see note at top).
${c.user.username}
</div>
</div>
<div class="fieldset">
<div class="left-label">
${_('First Name')}:
</div>
<div class="right-content">
${c.user.first_name}
</div>
</div>
<div class="fieldset">
<div class="left-label">
${_('Last Name')}:
</div>
<div class="right-content">
${c.user.last_name}
</div>
</div>
<div class="fieldset">
<div class="left-label">
${_('Email')}:
</div>
<div class="right-content">
## Falls back to a translated reminder when c.user.email is empty or otherwise falsy.
${c.user.email or _('Missing email, please update your user email address.')}
</div>
</div>
</div>
</div>