From 746ec3ab43b4c9c457424b09255ce896c4b205ad Mon Sep 17 00:00:00 2001
From: Michael Erdely
Date: Fri, 18 Oct 2024 22:43:38 -0400
Subject: [PATCH 1/2] protect config.php
---
 .gitattributes | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 .gitattributes
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..9a0c70e
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1 @@
+includes/config.php merge=ours
From b537f40f40a1e70513c21969eb3ff34e7e27576d Mon Sep 17 00:00:00 2001
From: Michael Erdely
Date: Fri, 18 Oct 2024 22:51:01 -0400
Subject: [PATCH 2/2] add a link to update your profile
---
 src/admin.php | 5 +++--
 src/signup.php | 5 +++--
 src/users.php | 8 +++++---
 3 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/src/admin.php b/src/admin.php
index 6267664..de6804c 100644
--- a/src/admin.php
+++ b/src/admin.php
@@ -72,9 +72,10 @@ if ($action == "approve") {
 "Your Gift Registry application was approved.\r\n" .
 "Your username is {$row["username"]} and your password is '$pwd'.\r\n" .
 "Log in to {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/ and change your password under " .
- "'Update Profile' (menu at the top/right of the page) as soon as possible.\r\n" .
+ "'Update Profile' as soon as possible:\r\n" .
+ " {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/profile.php\r\n" .
 "\r\n" .
- "There is a browser bookmarklet at {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/help.php\r\n" .
+ "There is help and a browser bookmarklet at {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/help.php\r\n" .
 "\r\n" .
 "Once you've logged in, you can see the people you can shop for under 'Available People To Shopping For'. " .
 "Click on the icon next to each person you want to shop for to see their lists.\r\n" .
diff --git a/src/signup.php b/src/signup.php
index e3753dd..98f6d46 100644
--- a/src/signup.php
+++ b/src/signup.php
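Review bot: `merge=ours` on `includes/config.php` only names a merge driver, so this line alone does not protect the file: unless each clone also defines the driver (`git config merge.ours.driver true`), Git falls back to its normal merge. Even when defined, the driver runs only for merges in which both sides changed the file. The pattern is also anchored to the repository root, while every PHP file touched in this series lives under `src/`, so it is worth confirming the path matches where config.php actually is. If that file holds database or mail credentials (not visible here), a committed template plus an ignored local `config.php` is the more dependable way to keep local settings and secrets out of merges and history.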
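Review bot: The added `/profile.php` line builds its link from `$_SERVER['HTTP_HOST']`, which comes from the request's Host header, so whoever sends the request decides which host the e-mail points to, in a message that carries the account password and tells the recipient to go and change it. The same added line appears in the src/signup.php hunk, where the request presumably comes from an unauthenticated visitor, and in both src/users.php hunks. `$_SERVER['REQUEST_SCHEME']` is similarly unreliable: not every server API sets it and it reads `http` behind a TLS-terminating proxy, so the link to the password page can come out as plain HTTP. Building the link from a configured base URL, e.g. `" {$opt['base_url']}/profile.php\r\n" .` (`base_url` is a placeholder option name; `$opt` is visible only in the users.php reset hunk), removes both dependencies. The enclosing `if ($action == "approve")` block starts and ends outside the hunk.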
@@ -140,9 +140,10 @@ if (isset($_POST["action"]) && $_POST["action"] == "signup") {
 "Your Gift Registry account was created.\r\n" .
 "Your username is $username and your password is '$pwd'.\r\n" .
 "Log in to {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/ and change your password under " .
- "Update Profile (menu at the top/right of the page) as soon as possible.\r\n" .
+ "'Update Profile' as soon as possible:\r\n" .
+ " {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/profile.php\r\n" .
 "\r\n" .
- "There is a browser bookmarklet at {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/help.php\r\n" .
+ "There is help and a browser bookmarklet at {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/help.php\r\n" .
 "\r\n" .
 "Once you've logged in, you can see the people you can shop for under 'Available People To Shopping For'. " .
 "Click on the icon next to each person you want to shop for to see their lists.\r\n" .
diff --git a/src/users.php b/src/users.php
index 19e670a..bcd0fac 100644
--- a/src/users.php
+++ b/src/users.php
@@ -177,9 +177,10 @@ else if ($action == "insert") {
 "Your Gift Registry account was created.\r\n" .
 "Your username is $username and your password is '$pwd'.\r\n" .
 "Log in to {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/ and change your password under\r\n" .
- "Update Profile (menu at the top/right of the page) as soon as possible.\r\n" .
+ "'Update Profile' as soon as possible:\r\n" .
+ " {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/profile.php\r\n" .
 "\r\n" .
- "There is a browser bookmarklet at {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/help.php\r\n" .
+ "There is help and a browser bookmarklet at {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/help.php\r\n" .
 "\r\n" .
 "Once you've logged in, you can see the people you can shop for under 'Available People To Shopping For'. " .
 "Click on the icon next to each person you want to shop for to see their lists.\r\n" .
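Review bot: The added lines here are one of three hand-edited copies of the same welcome text (src/admin.php, this file, and the insert branch of src/users.php), and the copies have already drifted: users.php ends the preceding line with `under\r\n` where this file uses `under " .`, and the reset message in users.php leaves Update Profile unquoted. A single helper that takes the username and password and returns the message body would let a wording or link change be made once and keep the account e-mails consistent. The enclosing `if (isset($_POST["action"]) && $_POST["action"] == "signup")` block starts and ends outside the hunk.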
@@ -230,7 +231,8 @@ else if ($action == "reset") {
 "Gift Registry password reset",
 "Your Gift Registry password was reset to '$pwd'.\r\n" .
 "Log in to {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/ and change your password under\r\n" .
- "Update Profile (menu at the top/right of the page) as soon as possible.",
+ "Update Profile as soon as possible:\r\n" .
+ " {$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/profile.php\r\n",
 "From: {$opt["email_from"]}\r\nReply-To: {$opt["email_reply_to"]}\r\nX-Mailer: {$opt["email_xmailer"]}\r\n"
 ) or die("Mail not accepted for $email");
 header("Location: " . getFullPath("users.php?message=Password+reset."));
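Review bot: The added line `"Update Profile as soon as possible:\r\n" .` leaves Update Profile unquoted, while the three other messages changed in this commit write `'Update Profile'`; `"'Update Profile' as soon as possible:\r\n" .` would match them. Nothing in the hunk shows that the e-mailed password is forced to change at next login, so a short comment above this message saying whether the reset password is temporary, and where that is enforced, would help the next reader. The call these arguments belong to and the enclosing `else if ($action == "reset")` block start outside the hunk.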