From 1b96f8659e6413c32584f9264300a9550e6967d6 Mon Sep 17 00:00:00 2001
From: Marcus Hill <bcf8c9f2@opayq.com>
Date: Mon, 2 Jan 2023 19:40:09 +0000
Subject: [PATCH] Rem comment - we set this info in the session at login and
 enforce roles there, and will be updating overall site role enforcement

---
 post.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/post.php b/post.php
index b656a12d..2b8a4eaa 100644
--- a/post.php
+++ b/post.php
@@ -53,7 +53,7 @@ if(isset($_POST['add_user'])){
     $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])));
     $email = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])));
     $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
-    $user_specific_encryption_ciphertext = encryptUserSpecificKey($_POST['password']); //TODO: Consider this users role - if they don't need access to logins, potentially don't set this -- just know it's a pain to add afterwards (you'd need to reset their password).
+    $user_specific_encryption_ciphertext = encryptUserSpecificKey($_POST['password']);
     $default_company = intval($_POST['default_company']);
     $role = intval($_POST['role']);