From 0fb9f42ba4e7d661bdb2717b13073fd4b06e2e9f Mon Sep 17 00:00:00 2001
From: Till Deeke <privat@tilldeeke.de>
Date: Fri, 13 Jul 2018 13:04:30 +0200
Subject: [PATCH]  Removes setting the encryption status on update (#5833)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

When we are updating a custom field, we don’t want to change the „field_encrypted“-setting on it.
---
 app/Http/Controllers/Api/CustomFieldsController.php | 8 +++++++-
 app/Http/Controllers/CustomFieldsController.php     | 1 -
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/Api/CustomFieldsController.php b/app/Http/Controllers/Api/CustomFieldsController.php
index 345cea24d2..cd93a46383 100644
--- a/app/Http/Controllers/Api/CustomFieldsController.php
+++ b/app/Http/Controllers/Api/CustomFieldsController.php
@@ -59,7 +59,13 @@ class CustomFieldsController extends Controller
     {
         $this->authorize('update', CustomField::class);
         $field = CustomField::findOrFail($id);
-        $data = $request->all();
+        
+        /**
+         * Updated values for the field, 
+         * without the "field_encrypted" flag, preventing the change of encryption status
+         * @var array
+         */
+        $data = $request->except(['field_encrypted']);
 
         $validator = Validator::make($data, $field->validationRules());
         if ($validator->fails()) {
diff --git a/app/Http/Controllers/CustomFieldsController.php b/app/Http/Controllers/CustomFieldsController.php
index cd446d4a65..aa26985f11 100644
--- a/app/Http/Controllers/CustomFieldsController.php
+++ b/app/Http/Controllers/CustomFieldsController.php
@@ -183,7 +183,6 @@ class CustomFieldsController extends Controller
         $field->name = e($request->get("name"));
         $field->element = e($request->get("element"));
         $field->field_values = e($request->get("field_values"));
-        $field->field_encrypted = e($request->get("field_encrypted", 0));
         $field->user_id = Auth::user()->id;
         $field->help_text = $request->get("help_text");
         $field->show_in_email = $request->get("show_in_email", 0);