Index: openacs-4/packages/acs-admin/www/users/modify-admin-privileges.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-admin/www/users/modify-admin-privileges.tcl,v
diff -u -N -r1.5.2.1 -r1.5.2.2
--- openacs-4/packages/acs-admin/www/users/modify-admin-privileges.tcl	10 Sep 2015 08:21:09 -0000	1.5.2.1
+++ openacs-4/packages/acs-admin/www/users/modify-admin-privileges.tcl	8 Oct 2015 19:28:03 -0000	1.5.2.2
@@ -5,21 +5,17 @@
     @cvs-id $Id$
 
 } {
-    user_id:naturalnum,notnull
-    action:notnull
-    confirmed_p:boolean,optional
+    user_id:naturalnum,notnull,verify
+    action:notnull,verify
+    {confirmed_p:boolean 0}
 }
 
-set confirmed_url "/acs-admin/users/modify-admin-privileges?user_id=$user_id&action=$action&confirmed_p=1"
+set confirmed_url [export_vars -base /acs-admin/users/modify-admin-privileges {
+    user_id:sign(max_age=60) action:sign {confirmed_p 1}}]
+set return_url [export_vars -base /acs-admin/users/one {user_id}]
 
-set return_url "/acs-admin/users/one?user_id=$user_id"
-
 set context [list [list "./" "Users"] "Modify privileges"]
 
-if {![info exists confirmed_p]} {
-    set confirmed_p 0
-}
-
 if {$confirmed_p} {
     if {"grant" eq $action} {
         permission::grant -object_id [acs_magic_object "security_context_root"] -party_id $user_id -privilege "admin"
Index: openacs-4/packages/acs-admin/www/users/one.adp
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-admin/www/users/one.adp,v
diff -u -N -r1.25 -r1.25.2.1
--- openacs-4/packages/acs-admin/www/users/one.adp	14 Jul 2015 22:26:55 -0000	1.25
+++ openacs-4/packages/acs-admin/www/users/one.adp	8 Oct 2015 19:28:03 -0000	1.25.2.1
@@ -7,21 +7,20 @@
 <include src="/packages/acs-subsite/lib/user-info" user_id="@user_id;literal@" return_url="@return_url;literal@">
 
 <ul>
-<li>User ID:  @user_id@</li>
-<li><a href="@user_info.url@">View community member page</a></li>
+<li>User ID:  @user_id;literal@</li>
+<li><a href="@user_info.url;noi18n@">View community member page</a></li>
 <li>Registration date:  @user_info.creation_date_pretty@</li>
 <li>Registration IP: @user_info.creation_ip@ (<a href="@user_info.by_ip_url@" title="Other registrations from this IP address">others</a>)</li>
 <li>Last visit: @user_info.last_visit_pretty@</li>
 
 
 <if @portrait_url@ not nil>
-  <li>Portrait:  <a href="@portrait_url@">@portrait_title@</a></li>
+  <li>Portrait:  <a href="@portrait_url;noi18n@">@portrait_title@</a></li>
 </if>
 </ul>
 
-<if @user_id@ ne @ad_conn_user_id@>
+<if @user_id;literal@ ne @ad_conn_user_id;literal@>
   <if @warning_p@>
-      <!-- RBM: Added August 1, 2003 --!>
       <p>
         <b>WARNING:</b> This user is a site-wide administrator (maybe the only one).
         Deleting or banning this user may mean you will be unable to administrate the site.
@@ -41,7 +40,7 @@
 <ul>
   <multiple name="direct_group_membership">
     <li>@direct_group_membership.group_name@
-        (<a href="/admin/relations/remove?rel_id=@direct_group_membership.rel_id@&amp;return_url=@return_url@">Remove</a>)</li>
+        (<a href="/admin/relations/remove?rel_id=@direct_group_membership.rel_id@&amp;return_url=@return_url;noi18n@">Remove</a>)</li>
   </multiple>
 </ul>
 <p>
@@ -72,18 +71,18 @@
 
 <ul>
 <if @site_wide_admin_p@ true>
-  <li><a href="modify-admin-privileges?user_id=@user_id@&amp;action=revoke">Revoke site-wide administration privileges</a></li>
+  <li><a href="@modify_admin_url;noi18n@">Revoke site-wide administration privileges</a></li>
 </if>
 <else>
-  <li><a href="modify-admin-privileges?user_id=@user_id@&amp;action=grant">Grant site-wide administration privileges</a></li>
+  <li><a href="@modify_admin_url;noi18n@">Grant site-wide administration privileges</a></li>
 </else>
 
 <li>Merge this user with:
-   <form method=get action=search>
+   <form method="get" action="search">
    <div>
    <input type="hidden" name="target" value="merge">
-    <input type="hidden" name="limit_to_user_id" value="@user_id@">
-    <input type="hidden" name="from_user_id" value="@user_id@">
+    <input type="hidden" name="limit_to_user_id" value="@user_id;literal@">
+    <input type="hidden" name="from_user_id" value="@user_id;literal@">
     <input type="hidden" name="only_authorized_p" value="0">
     <input type="text" size="15" name="keyword">
     <input type="submit" value="Find User">
@@ -92,16 +91,15 @@
  </li>
 
 <if @password_reset_url@ not nil>
-  <li><a href="@password_reset_url@">Reset this user's password</a></li>
+  <li><a href="@password_reset_url;noi18n@">Reset this user's password</a></li>
 </if>
 
 <if @password_update_url@ not nil>
-  <li><a href="@password_update_url@">Update this user's password</a></li>
+  <li><a href="@password_update_url;noi18n@">Update this user's password</a></li>
 </if>
 
-<li><a href="@portrait_manage_url@">Manage this user's portrait</a></li>
-
-<li><a href="become?user_id=@user_id@">Login as this user</a></li>
+<li><a href="@portrait_manage_url;noi18n@">Manage this user's portrait</a></li>
+<li><a href="become?user_id=@user_id;literal@">Login as this user</a></li>
 </ul>
 
 
Index: openacs-4/packages/acs-admin/www/users/one.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-admin/www/users/one.tcl,v
diff -u -N -r1.17.2.1 -r1.17.2.2
--- openacs-4/packages/acs-admin/www/users/one.tcl	10 Sep 2015 08:21:09 -0000	1.17.2.1
+++ openacs-4/packages/acs-admin/www/users/one.tcl	8 Oct 2015 19:28:03 -0000	1.17.2.2
@@ -34,8 +34,14 @@
 set warning_p 0
 set ad_conn_user_id [ad_conn user_id]
 
+#
+# Define the url for switching side-wide admin priviledges with a timeout of 60 seconds
+#
 if { $site_wide_admin_p } {
+    set modify_admin_url [export_vars -base modify-admin-privileges {user_id:sign(max_age=60) {action:sign revoke}}]
     set warning_p 1
+} else {
+    set modify_admin_url [export_vars -base modify-admin-privileges {user_id:sign(max_age=60) {action:sign grant}}]
 }