From 88e9a6fa58676b3218c01dc4a4bf7334a4eea8f0 Mon Sep 17 00:00:00 2001
From: Pierre <pierre@hubert.fr>
Date: Sun, 17 Dec 2017 12:30:05 +0100
Subject: [PATCH] Check if user exists before the query

---
 RestControllers/userController.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/RestControllers/userController.php b/RestControllers/userController.php
index 510a4b6..dc1b434 100644
--- a/RestControllers/userController.php
+++ b/RestControllers/userController.php
@@ -123,6 +123,10 @@ class userController
 		
 		$userID = toInt($_POST["userID"]);
 
+		//Check if the user exists
+		if(!CS::get()->components->user->exists($userID))
+			Rest_fatal_error(404, "Specified user not found !");
+
 		//Check if the user is allowed to get advanced user infromations
 		if(!CS::get()->components->user->userAllowed(userID, $userID))
 			Rest_fatal_error(401, "You are not allowed to access these information !");