Permalink
Browse files

Only include encrypted password with direct user model queries

  • Loading branch information...
1 parent 912fb29 commit 5b8ed1250ced74470e353d77e060fa5904c25781 @DHS committed May 30, 2012
Showing with 15 additions and 0 deletions.
  1. +1 −0 controllers/users_controller.php
  2. +2 −0 models/comment.php
  3. +2 −0 models/invite.php
  4. +2 −0 models/item.php
  5. +6 −0 models/like.php
  6. +2 −0 models/user.php
@@ -104,6 +104,7 @@ function show($id) {
if ($this->json) {
+ unset($user->password);
$this->render_json($user);
} else {
View
@@ -51,6 +51,8 @@ public static function get_by_id($id) {
$comment = new Comment($result);
$comment->user = User::get_by_id($result['user_id']);
+ unset($comment->user->password);
+
return $comment;
}
View
@@ -55,6 +55,8 @@ public static function get_by_id($id) {
$invite = new Invite($result);
$invite->user = User::get_by_id($result['user_id']);
+ unset($invite->user->password);
+
return $invite;
}
View
@@ -64,6 +64,8 @@ public static function get_by_id($id) {
$item->comments = $item->comments();
$item->likes = $item->likes();
+ unset($item->user->password);
+
return $item;
}
View
@@ -53,6 +53,9 @@ public static function get_by_id($id) {
$like = new Like($result);
$like->user = User::get_by_id($result['user_id']);
+
+ unset($like->user->password);
+
return $like;
}
@@ -81,6 +84,9 @@ public static function get_by_user_item($user_id, $item_id) {
$like = Like::get_by_id($id);
$like->user = User::get_by_id($user_id);
+
+ unset($like->user->password);
+
return $like;
}
View
@@ -254,6 +254,7 @@ public function friends($limit = 10, $offset = 0) {
$friends = array();
while ($result = mysqli_fetch_assoc($query)) {
$friends[$result['id']] = User::get_by_id($result['friend_user_id']);
+ unset($friends[$result['id']]->password);
}
return $friends;
@@ -281,6 +282,7 @@ public function followers($limit = 10, $offset = 0) {
$friends = array();
while ($result = mysqli_fetch_assoc($query)) {
$friends[$result['id']] = User::get_by_id($result['user_id']);
+ unset($friends[$result['id']]->password);
}
return $friends;

0 comments on commit 5b8ed12

Please sign in to comment.