Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7700a2c..15cc108 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -17,11 +17,10 @@ class ApplicationController < ActionController::Base
 end
 
 def current_user
- @_current_user ||= begin
+ @_current_user ||=
 if logged_in?
 User.find(session[:user_id])
 end
- end
 end
 
 def authorized_to_show_user?(user)
@@ -39,4 +38,8 @@ class ApplicationController < ActionController::Base
 end
 object
 end
+
+ def safe_redirect?(to)
+ to[0] == "/" && !to.include?("//")
+ end
 end |
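Review bot: `safe_redirect?` in the second hunk is looser than a same-origin path check: it rejects `//` but not a backslash, and browsers normalise `\` to `/` when resolving a URL, so the predicate should reject backslashes too. It also assumes `to` is a String; `nil` raises NoMethodError on `to[0]`, and an Array-valued parameter is compared element-wise rather than as a path. I would write it as `to.is_a?(String) && to.start_with?("/") && !to.include?("//") && !to.include?("\\")`, with a comment above it such as `# Only local paths are allowed as redirect targets.` The caller is outside this hunk, so confirm it falls back to a fixed path when the predicate returns false.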