Filter variables when updating user profile
This commit is contained in:
@@ -44,7 +44,11 @@ class UserCredentialController extends BaseController
|
||||
list($valid, $errors) = $this->userValidator->validatePasswordModification($values);
|
||||
|
||||
if (! $this->userSession->isAdmin()) {
|
||||
$values['id'] = $this->userSession->getId();
|
||||
$values = array(
|
||||
'id' => $this->userSession->getId(),
|
||||
'password' => isset($values['password']) ? $values['password'] : '',
|
||||
'confirmation' => isset($values['confirmation']) ? $values['confirmation'] : '',
|
||||
);
|
||||
}
|
||||
|
||||
if ($valid) {
|
||||
|
||||
Reference in New Issue
Block a user