diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2007-06-12 07:19:17 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2007-06-12 07:19:17 +0000 |
| commit | 987213388ef8e1e00f30ca6c9107e69afc3cbc1f (patch) | |
| tree | 04ddbd370888985cdb678f334f9550057d0d1080 /lib/class | |
| parent | cc9d13a9a29764ce30ecb67dbdec3cc431a95355 (diff) | |
| download | ampache-987213388ef8e1e00f30ca6c9107e69afc3cbc1f.tar.gz ampache-987213388ef8e1e00f30ca6c9107e69afc3cbc1f.tar.bz2 ampache-987213388ef8e1e00f30ca6c9107e69afc3cbc1f.zip | |
fixed a potential security issue where the password hash was being put into the object :S
Diffstat (limited to 'lib/class')
| -rw-r--r-- | lib/class/user.class.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/class/user.class.php b/lib/class/user.class.php index 5b4b77b6..be0bfe31 100644 --- a/lib/class/user.class.php +++ b/lib/class/user.class.php @@ -55,9 +55,11 @@ class User { if (!count($info)) { return false; } foreach ($info as $key=>$value) { + // Let's not save the password in this object :S + if ($key == 'password') { continue; } + $this->$key = $value; } - $this->uid = $info->id; $this->set_preferences(); |