From b539f26dab6d1f6282e4bc5321a2f2d4c5033683 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Mon, 1 May 2017 16:17:31 -0400
Subject: [PATCH] Stop browser autofill on user view pages.

---
 app/Http/Controllers/Admin/UserController.php    | 16 ++++++++++++----
 .../pterodactyl/admin/users/view.blade.php       |  6 +++---
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/app/Http/Controllers/Admin/UserController.php b/app/Http/Controllers/Admin/UserController.php
index c9d7a4725..2822cb3c4 100644
--- a/app/Http/Controllers/Admin/UserController.php
+++ b/app/Http/Controllers/Admin/UserController.php
@@ -141,12 +141,20 @@ class UserController extends Controller
      */
     public function update(Request $request, $id)
     {
-        try {
-            $repo = new UserRepository;
-            $user = $repo->update($id, $request->intersect([
+        // Rename variables because autofill cannot be disabled
+        // in any logical manner, and editing users is impossible.
+        $fixedData = array_filter(
+            collect($request->all())->mapWithKeys(function ($item, $key) {
+                return [str_replace('input_', '', $key) => $item];
+            })->only([
                 'email', 'password', 'name_first',
                 'name_last', 'username', 'root_admin',
-            ]));
+            ])->toArray()
+        );
+
+        try {
+            $repo = new UserRepository;
+            $user = $repo->update($id, $fixedData);
             Alert::success('User account was successfully updated.')->flash();
         } catch (DisplayValidationException $ex) {
             return redirect()->route('admin.users.view', $id)->withErrors(json_decode($ex->getMessage()));
diff --git a/resources/themes/pterodactyl/admin/users/view.blade.php b/resources/themes/pterodactyl/admin/users/view.blade.php
index 29be1682f..3580b0dd3 100644
--- a/resources/themes/pterodactyl/admin/users/view.blade.php
+++ b/resources/themes/pterodactyl/admin/users/view.blade.php
@@ -44,13 +44,13 @@
                     <div class="form-group">
                         <label for="email" class="control-label">Email</label>
                         <div>
-                            <input type="text" name="email" value="{{ $user->email }}" class="form-control">
+                            <input type="email" name="input_email" value="{{ $user->email }}" class="form-control">
                         </div>
                     </div>
                     <div class="form-group">
                         <label for="registered" class="control-label">Username</label>
                         <div>
-                            <input type="text" name="username" value="{{ $user->username }}" class="form-control">
+                            <input type="text" name="input_username" value="{{ $user->username }}" class="form-control">
                         </div>
                     </div>
                     <div class="form-group">
@@ -82,7 +82,7 @@
                     <div class="form-group">
                         <label for="password" class="control-label">Password</label>
                         <div>
-                            <input type="password" id="password" name="password" class="form-control">
+                            <input type="password" id="password" name="input_password" class="form-control">
                         </div>
                     </div>
                 </div>