AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Rem comment - we set this info in the session at login and enforce roles there, and will be updating overall site role enforcement

This commit is contained in:
Marcus Hill 2023-01-02 19:40:09 +00:00
parent 9eea00bccf
commit 1b96f8659e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
post.php
View File

@ -53,7 +53,7 @@ if(isset($_POST['add_user'])){
$name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
$email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$user_specific_encryption_ciphertext = encryptUserSpecificKey($_POST['password']); //TODO: Consider this users role - if they don't need access to logins, potentially don't set this -- just know it's a pain to add afterwards (you'd need to reset their password).
$user_specific_encryption_ciphertext = encryptUserSpecificKey($_POST['password']);
$default_company = intval($_POST['default_company']);
$role = intval($_POST['role']);