Permalink
Browse files

Removed profile() and current() and everything now uses ->user()->row…

…(). user() previously picked the first user at random, meaning people could quite easily hand out admin rights to everyone, so it now defaults to the session user_id, which will of course be false == 0, so nobody will be selected if no id is provided as argument or session. Much better!
  • Loading branch information...
1 parent 02baf12 commit ef733edb5ef396fec57fe363c5c8616506054c79 Phil Sturgeon committed Sep 5, 2011
Showing with 36 additions and 61 deletions.
  1. +1 −21 libraries/Ion_auth.php
  2. +35 −40 models/ion_auth_model.php
View
@@ -147,7 +147,7 @@ public function forgotten_password_complete($code)
$this->ci->ion_auth_model->trigger_events('pre_password_change');
$identity = $this->ci->config->item('identity', 'ion_auth');
- $profile = $this->ci->ion_auth_model->profile($code, true); //pass the code to profile
+ $profile = $this->user($code, true)->row(); //pass the code to profile
if (!is_object($profile))
{
@@ -372,24 +372,4 @@ public function in_group($check_group)
return FALSE;
}
-
- /**
- * Profile
- *
- * @TODO want to get rid of this
- * @return void
- * @author Mathew
- **/
- public function profile()
- {
- $this->ci->ion_auth_model->trigger_events('profile');
-
- $session = $this->ci->config->item('identity', 'ion_auth');
- $identity = $this->ci->session->userdata($session);
-
- return $this->ci->ion_auth_model->profile($identity);
- }
-
-
-
}
View
@@ -299,7 +299,7 @@ public function activate($id, $code = false)
$data = array(
'activation_code' => '',
'active' => 1
- );
+ );
$this->trigger_events('extra_where');
$this->db->update($this->tables['users'], $data, array($this->identity_column => $identity));
@@ -309,7 +309,7 @@ public function activate($id, $code = false)
$data = array(
'activation_code' => '',
'active' => 1
- );
+ );
$this->trigger_events('extra_where');
@@ -735,14 +735,16 @@ public function offset($offset)
return $this;
}
- public function where($where, $value=NULL)
+ public function where($where, $value = NULL)
{
$this->trigger_events('where');
- if (isset($value))
- $this->_where[] = array($where => $value);
- elseif (is_array($where))
- $this->_where[] = $where;
+ if ( ! is_array($where))
+ {
+ $where = array($where => $value);
+ }
+
+ array_push($this->_where, $where);
return $this;
}
@@ -809,10 +811,11 @@ public function users()
$this->trigger_events('users');
$this->db->select(array(
- $this->tables['users'].'.*',
- ));
+ $this->tables['users'].'.*',
+
+ ));
- if (!empty($this->columns))
+ if ( ! empty($this->columns))
{
foreach ($this->columns as $field)
{
@@ -829,9 +832,11 @@ public function users()
if (isset($this->_where))
{
foreach ($this->_where as $where)
+ {
$this->db->where($where);
-
- unset($this->_where);
+ }
+
+ $this->_where = array();
}
@@ -852,7 +857,6 @@ public function users()
unset($this->_order_by);
}
-
$this->response = $this->db->get($this->tables['users']);
return $this;
@@ -869,31 +873,17 @@ public function user($id = NULL)
{
$this->trigger_events('user');
- if (isset($id))
- $this->where($this->tables['users'].'.id', $id);
-
+ //if no id was passed use the current users id
+ $id || $id = $this->session->userdata('user_id');
+
+ $this->limit(1);
+ $this->where($this->tables['users'].'.id', $id);
+
$this->users();
return $this;
}
-
- /**
- * current
- *
- * @return object
- * @author Ben Edmunds
- **/
- public function current()
- {
- $this->trigger_events('current');
-
- $this->where($this->tables['users'].'.id', $this->session->userdata('user_id'));
-
- $this->users();
-
- return $this;
- }
/**
* get_users_groups
@@ -962,9 +952,10 @@ public function groups()
if (isset($this->_where))
{
foreach ($this->_where as $where)
+ {
$this->db->where($where);
-
- unset($this->_where);
+ }
+ $this->_where = array();
}
@@ -1004,17 +995,17 @@ public function group()
/**
- * update_user
+ * update
*
* @return bool
* @author Phil Sturgeon
**/
- public function update($data)
+ public function update($id, array $data)
{
$this->trigger_events('pre_update_user');
- $user = $this->user()->row();
-
+ $user = $this->user($id)->row();
+
$this->db->trans_begin();
if (array_key_exists($this->identity_column, $data) && $this->identity_check($data[$this->identity_column]) && $user->{$this->identity_column} !== $data[$this->identity_column])
@@ -1028,7 +1019,7 @@ public function update($data)
return FALSE;
}
- if (!empty($this->columns))
+ if ( ! empty($this->columns))
{
//filter the data passed by the columns in the config
$meta_fields = array();
@@ -1265,13 +1256,17 @@ public function set_hook($event, $name, $class, $method, $arguments)
public function remove_hook($event, $name)
{
if (isset($this->_hooks->$event[$name]))
+ {
unset($this->_hooks->$event[$name]);
+ }
}
public function remove_hooks($event)
{
if (isset($this->_hooks->$event))
+ {
unset($this->_hooks->$event);
+ }
}
protected function _call_hook($event, $name)

0 comments on commit ef733ed

Please sign in to comment.