From 00d8ce26637816d4bead61a3cd8f1acc3e6f9bf6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?=
 <barisusakli@gmail.com>
Date: Tue, 23 Jun 2020 15:47:10 -0400
Subject: [PATCH] fix: only allow valid uids

---
 src/socket.io/user/profile.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/socket.io/user/profile.js b/src/socket.io/user/profile.js
index 0886b1e24c..4519d46bad 100644
--- a/src/socket.io/user/profile.js
+++ b/src/socket.io/user/profile.js
@@ -162,7 +162,7 @@ module.exports = function (SocketUser) {
 			throw new Error('[[error:invalid-uid]]');
 		}
 
-		if (!data || !data.uid) {
+		if (!data || !(parseInt(data.uid, 10) > 0)) {
 			throw new Error('[[error:invalid-data]]');
 		}