summaryrefslogtreecommitdiff
path: root/profile.php
diff options
context:
space:
mode:
authormensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>2008-11-14 11:37:12 +0000
committermensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>2008-11-14 11:37:12 +0000
commit67a13f74ce1b51732a9b3f759ca956bd762b0c0b (patch)
tree265b6b4f756bfc0c7684fd07ed786da76cede109 /profile.php
parente530ffa24f8ae9657f23809f265f9f6628325ff3 (diff)
downloadsemanticscuttle-67a13f74ce1b51732a9b3f759ca956bd762b0c0b.tar.gz
semanticscuttle-67a13f74ce1b51732a9b3f759ca956bd762b0c0b.tar.bz2
Bug fix: protect parameters changes in profile.php (checking current user corresponding to profile page)
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@156 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'profile.php')
-rw-r--r--profile.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/profile.php b/profile.php
index d834144..fe86daa 100644
--- a/profile.php
+++ b/profile.php
@@ -65,7 +65,7 @@ $tplVars['subtitle'] = $title;
$tplVars['user'] = $user;
$tplVars['userid'] = $userid;
-if (isset($_POST['submitted'])) {
+if (isset($_POST['submitted']) && $currentUserID == $userid) {
$error = false;
$detPass = trim($_POST['pPass']);
$detPassConf = trim($_POST['pPassConf']);