diff options
Diffstat (limited to 'app/Controller')
-rw-r--r-- | app/Controller/UserCredentialController.php | 6 | ||||
-rw-r--r-- | app/Controller/UserModificationController.php | 11 |
2 files changed, 13 insertions, 4 deletions
diff --git a/app/Controller/UserCredentialController.php b/app/Controller/UserCredentialController.php index ae52a13c..a8b90b7b 100644 --- a/app/Controller/UserCredentialController.php +++ b/app/Controller/UserCredentialController.php @@ -44,7 +44,11 @@ class UserCredentialController extends BaseController list($valid, $errors) = $this->userValidator->validatePasswordModification($values); if (! $this->userSession->isAdmin()) { - $values['id'] = $this->userSession->getId(); + $values = array( + 'id' => $this->userSession->getId(), + 'password' => isset($values['password']) ? $values['password'] : '', + 'confirmation' => isset($values['confirmation']) ? $values['confirmation'] : '', + ); } if ($valid) { diff --git a/app/Controller/UserModificationController.php b/app/Controller/UserModificationController.php index ed145921..f4916f6f 100644 --- a/app/Controller/UserModificationController.php +++ b/app/Controller/UserModificationController.php @@ -47,9 +47,14 @@ class UserModificationController extends BaseController $values = $this->request->getValues(); if (! $this->userSession->isAdmin()) { - if (isset($values['role'])) { - unset($values['role']); - } + $values = array( + 'id' => $this->userSession->getId(), + 'username' => isset($values['username']) ? $values['username'] : '', + 'name' => isset($values['name']) ? $values['name'] : '', + 'email' => isset($values['email']) ? $values['email'] : '', + 'timezone' => isset($values['timezone']) ? $values['timezone'] : '', + 'language' => isset($values['language']) ? $values['language'] : '', + ); } list($valid, $errors) = $this->userValidator->validateModification($values); |