login/post: ignore ?login override for non user admins

Confidential data was not secure from people who acquired these urls.

diff --git a/login/post/index.php b/login/post/index.php
index 2f6a9f93b123a0d89ac4b414852c426349b7d940..e491e357b53c10090a8abef52ca2ab22441dc823 100644 (file)
--- a/login/post/index.php
+++ b/login/post/index.php
@@ -1,7 +1,7 @@
 <?php
 $body = ob_get_clean();
 
-if ($username = @$_REQUEST['login']) {
+if ($User->admin('user') and $username = @$_REQUEST['login']) {
        try {
                $user = new User("profile/$username");
        }