From 0ab84abe5bdc6844f7a97d6f99809b016d021a22 Mon Sep 17 00:00:00 2001
From: Isaac Connor <iconnor@pseudo.connortechnology.com>
Date: Thu, 29 Sep 2016 10:43:07 -0400
Subject: [PATCH] Since we are returning a hash called user, it should really
 contain all data for that user.

---
 web/includes/functions.php | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/web/includes/functions.php b/web/includes/functions.php
index d0caa1d6e..c2b4da921 100644
--- a/web/includes/functions.php
+++ b/web/includes/functions.php
@@ -65,10 +65,7 @@ function userLogin( $username, $password="", $passwordHashed=false ) {
 
 function userLogout() {
   global $user;
-  $username = $user['Username'];
-
-  Info( "User \"$username\" logged out" );
-
+  Info( 'User "'.$user['Username'].'" logged out' );
   unset( $_SESSION['user'] );
   unset( $user );
 
@@ -121,9 +118,9 @@ function getAuthUser( $auth ) {
     if ( $_SESSION['username'] ) {
       # Most of the time we will be logged in already and the session will have our username, so we can significantly speed up our hash testing by only looking at our user.
       # Only really important if you have a lot of users.
-      $sql = "SELECT Username, Password FROM Users WHERE Enabled = 1 AND Username='".$_SESSION['username']."'";
+      $sql = "SELECT * FROM Users WHERE Enabled = 1 AND Username='".$_SESSION['username']."'";
     } else {
-      $sql = 'SELECT Username, Password FROM Users WHERE Enabled = 1';
+      $sql = 'SELECT * FROM Users WHERE Enabled = 1';
     }
 
     foreach ( dbFetchAll( $sql ) as $user ) {