diff options
| author | mensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f> | 2008-11-14 11:37:12 +0000 | 
|---|---|---|
| committer | mensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f> | 2008-11-14 11:37:12 +0000 | 
| commit | 67a13f74ce1b51732a9b3f759ca956bd762b0c0b (patch) | |
| tree | 265b6b4f756bfc0c7684fd07ed786da76cede109 | |
| parent | e530ffa24f8ae9657f23809f265f9f6628325ff3 (diff) | |
| download | semanticscuttle-67a13f74ce1b51732a9b3f759ca956bd762b0c0b.tar.gz semanticscuttle-67a13f74ce1b51732a9b3f759ca956bd762b0c0b.tar.bz2 | |
Bug fix: protect parameters changes in profile.php (checking current user corresponding to profile page)
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@156 b3834d28-1941-0410-a4f8-b48e95affb8f
| -rw-r--r-- | profile.php | 2 | 
1 files changed, 1 insertions, 1 deletions
| diff --git a/profile.php b/profile.php index d834144..fe86daa 100644 --- a/profile.php +++ b/profile.php @@ -65,7 +65,7 @@ $tplVars['subtitle'] = $title;  $tplVars['user'] = $user;  $tplVars['userid'] = $userid; -if (isset($_POST['submitted'])) { +if (isset($_POST['submitted']) && $currentUserID == $userid) {      $error = false;      $detPass = trim($_POST['pPass']);      $detPassConf = trim($_POST['pPassConf']); | 
