From 4be2993a9a92855d5b47a505dde1d10f80e0df3e Mon Sep 17 00:00:00 2001
From: manson <manson@rulingcom.com>
Date: Fri, 8 Aug 2014 18:29:44 +0800
Subject: [PATCH] fix member edit_password authorization

---
 app/controllers/orbit_member_controller.rb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/controllers/orbit_member_controller.rb b/app/controllers/orbit_member_controller.rb
index d8e2429..1b2ed65 100644
--- a/app/controllers/orbit_member_controller.rb
+++ b/app/controllers/orbit_member_controller.rb
@@ -10,6 +10,7 @@ class OrbitMemberController < ApplicationController
   		@user_has_privileges = true
   	else
   		visited_user = MemberProfile.find_by(:uid => params[:id].split("-").last).user.id rescue nil
+              visited_user = MemberProfile.find_by(:uid => params[:member_id].split("-").last).user.id rescue nil
   		visited_user = MemberProfile.find_by(:uid => params[:uid]).user.id if visited_user.nil? rescue nil
   		visited_user = MemberProfile.find(params[:member_profile_id]).user.id if visited_user.nil? rescue nil
 	  	if current_user.id == visited_user