summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Dolgov <[email protected]>2021-03-02 13:29:54 +0300
committerAndrew Dolgov <[email protected]>2021-03-02 13:29:54 +0300
commit08ff629af500f4c1e3c60384132fcc4299d24c6b (patch)
treeb494338bccc04200a2a902d5b14792c30684f792
parentd4ad483add718964fce1571402b5f4fa7a13374a (diff)
limit user data sent to frontend
-rw-r--r--classes/pref/users.php1
1 files changed, 1 insertions, 0 deletions
diff --git a/classes/pref/users.php b/classes/pref/users.php
index f228ab390..cac0dca7c 100644
--- a/classes/pref/users.php
+++ b/classes/pref/users.php
@@ -6,6 +6,7 @@ class Pref_Users extends Handler_Administrative {
function edit() {
$user = ORM::for_table('ttrss_users')
+ ->select_expr("id,login,access_level,email,full_name,otp_enabled")
->find_one((int)$_REQUEST["id"])
->as_array();