Security: ensure reliability for the user update process

In the route /profile/edit:

Currently, the email field has the attribute readonly. That means the email value is within the POSTs submitted when the form i.

Change the attribute readonly to disabled to prevent the value from being posted with the form data.

Also, make sure that this update does not have the instruction to update the email for security reasons.