MDL-12580 fixed infinite redirect loop when editing profile for the first time; merge...

author skodak <skodak>

Sat, 15 Dec 2007 16:57:20 +0000 (16:57 +0000)

committer skodak <skodak>

Sat, 15 Dec 2007 16:57:20 +0000 (16:57 +0000)
author skodak <skodak>
Sat, 15 Dec 2007 16:57:20 +0000 (16:57 +0000)
committer skodak <skodak>
Sat, 15 Dec 2007 16:57:20 +0000 (16:57 +0000)
diff --git a/user/edit.php b/user/edit.php

index 094525328d1ba78f6a3aa2f62a503d1d7d1cd3dc..db8a645f42f29189b82db8c79784b11e6bb52f90 100644 (file)
--- a/user/edit.php
+++ b/user/edit.php
@@ -55,8 +55,10 @@
  
      // check access control
      if ($user->id == $USER->id) {
-        //editing own profile
-        require_capability('moodle/user:editownprofile', $systemcontext);
+        //editing own profile - require_login() MUST NOT be used here, it would result in infinite loop!
+        if (!has_capability('moodle/user:editownprofile', $systemcontext)) {
+            error('Can not edit own profile, sorry.');
+        }
  
      } else {
          // teachers, parents, etc.