Small bug in create_user() function.

[WaqasIbrahim]

// Update to correct salted password
            $data = null;
            if( !$this->config_vars['use_password_hash']){
                $data['pass'] = $this->hash_password($pass, $user_id);
            }

            $this->aauth_db->where('id', $user_id);
            $this->aauth_db->update($this->config_vars['users'], $data);

I have set "use_password_hash" to true in config file and as you can see the condition will fail and data array stays null. I am getting this error because of it.

You must use the "set" method to update an entry.

[nimrod-cohen]

Digging a bit further, the password is always hashed.
the use_password_hash only checks which mechanism to hash with.
since the default mechanism relays on the user id, then just in case we're using it, the code needs to hash again after the user id is generated.

@Waqas-Ibrahim, also, you shouldn't get an error, as the password is already inserted a couple of lines above there:

$data = array(
    'email' => $email,
    'pass' => $this->hash_password($pass, 0), // Password cannot be blank but user_id required for salt, setting bad password for now
    'username' => (!$username) ? '' : $username ,
    'date_created' => date("Y-m-d H:i:s"),
        );
if ( $this->aauth_db->insert($this->config_vars['users'], $data )){

could be written differently, but the code is fine.

[WaqasIbrahim]

@nimrod-cohen It tries to update the password field with new generated password using user_id, but the condition fails as i have set 'use_password_hash' to true. So as i said earlier, data array is null hence the error.

[nimrod-cohen]

@Waqas-Ibrahim
yes, correct, the entire update there is irrelevant when the password is not updated.
you're right on this issue.

[REJack]

guys i will look over it in 1-2hours

[REJack]

Guys i fixed the bug.

Please test the develop-branch.

[WaqasIbrahim]

Thanks @REJack 👍