User summary method is now more secure. Email change method prtects account SQL injec...

[selectricity] / app / views / account / summary.rhtml

diff --git a/app/views/account/summary.rhtml b/app/views/account/summary.rhtml
index b53122ed5094a898d026132ff464132128163f3d..61a4b24735d1d2d45cbbf299a955c3856b425230 100644 (file)
--- a/app/views/account/summary.rhtml
+++ b/app/views/account/summary.rhtml
@@ -10,6 +10,12 @@ E-mail: <%=h @user.email %><br />
 Member since: <%=h @user.created_at.strftime("%x") %>
 </p>
 
+<p>
+       <%= link_to "Update Email Address", :action => 'change_contact',
+                                                                         :id => @user.id %>
+</p>
+
+
 <p>Your Elections:
   <table class="voterbox" id="election">
     <tr>
@@ -21,12 +27,8 @@ Member since: <%=h @user.created_at.strftime("%x") %>
     <% @user.elections.select {|e| e.instance_of?(Election)}.each do |election| %>
     <tr>
          <td style="text-align: left;">
-           <% if election.active == 1 -%>
            <%= link_to "#{election.name}", :controller => 'election', 
                            :action => 'show', :id => election %>
-               <% else -%>
-                 <%=h election.name %>
-               <% end -%>
          </td>
          <td style="text-align: left;"><%=h election.description %></td>
          <td style="text-align: left;">