Merge pull request #501 from kenjis/improve-RegisterController-allowe…

…dPostFields

fix: set only validated fields to User Entity in RegisterController

src/Controllers/RegisterController.php

@@ -76,12 +76,8 @@ public function registerAction(): RedirectResponse
         }
 
         // Save the user
-        $allowedPostFields = array_merge(
-            setting('Auth.validFields'),
-            setting('Auth.personalFields'),
-            array_keys($rules),
-        );
-        $user = $this->getUserEntity();
+        $allowedPostFields = array_keys($rules);
+        $user              = $this->getUserEntity();
         $user->fill($this->request->getPost($allowedPostFields));
 
         // Workaround for email only registration/login