# File app/controllers/authorize_controller.rb, line 119 def change_password if session[:user_id] if request.post? @user = User.find(session[:user_id]) if params[:user][:password] == params[:user][:password_confirmation] @user.password = params[:user][:password] @user.flag = nil @user.save flash[:notice] = "Password change successful." redirect_to :controller => 'metarep', :action => 'browser' else flash[:notice] = "Password does not match the confirmation." end end else flash[:notice] = "Please log in." redirect_to :action => 'login' end end