diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/Controller/BaseController.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/app/Controller/BaseController.php b/app/Controller/BaseController.php index 637c3db1..1dd7d372 100644 --- a/app/Controller/BaseController.php +++ b/app/Controller/BaseController.php @@ -153,7 +153,8 @@ abstract class BaseController extends Base } if (! $this->userSession->isAdmin() && $this->userSession->getId() != $user['id']) { - throw new AccessForbiddenException(); + // Always returns a 404 otherwise people might guess which user exist. + throw new PageNotFoundException(); } return $user; |