do not allow to change profile details, only show them

author: Christian Weiske <cweiske@cweiske.de> 2012-09-27 20:43:22 +0200
committer: Christian Weiske <cweiske@cweiske.de> 2012-09-27 20:43:22 +0200
commit: 6a82f78dcc381c191dab5c4fe63d12096d596e41 (patch)
tree: 1d7aabde1390e98027622dc58486511ad9a88ee4 /www/user.php
parent: 71c2c412f7098050479f496292bc694095d9ec97 (diff)
download: phorkie-6a82f78dcc381c191dab5c4fe63d12096d596e41.tar.gz
phorkie-6a82f78dcc381c191dab5c4fe63d12096d596e41.zip
1 files changed, 2 insertions, 7 deletions
diff --git a/www/user.php b/www/user.php
index 8b86a50..364981c 100644
--- a/www/user.php
+++ b/www/user.php
@@ -5,13 +5,8 @@
 namespace phorkie;
 $reqWritePermissions = true;
 require_once 'www-header.php';
-
-if (isset($_POST['name'])) {
-    $_SESSION['name'] = substr(filter_var($_POST['name'], FILTER_SANITIZE_STRING), 0, 35);
-}
-
-if (isset($_POST['email'])) {
-    $_SESSION['email'] = substr(filter_var($_POST['email'], FILTER_SANITIZE_EMAIL), 0, 35);
+if (!isset($_SESSION['identity'])) {
+    require 'forbidden.php';
 }
 
 render(
author	Christian Weiske <cweiske@cweiske.de>	2012-09-27 20:43:22 +0200
committer	Christian Weiske <cweiske@cweiske.de>	2012-09-27 20:43:22 +0200
commit	6a82f78dcc381c191dab5c4fe63d12096d596e41 (patch)
tree	1d7aabde1390e98027622dc58486511ad9a88ee4 /www/user.php
parent	71c2c412f7098050479f496292bc694095d9ec97 (diff)
download	phorkie-6a82f78dcc381c191dab5c4fe63d12096d596e41.tar.gz phorkie-6a82f78dcc381c191dab5c4fe63d12096d596e41.zip