
I'm using PHP CodeIgniter to build a web application.

In my controller, I call a model (say the "user" object) which has several properties and methods. Some of these properties contain sensitive data like hashed passwords, etc.

I need this object in the view, but I don't want to pass along the sensitive properties to the view.

I can think of one way to do this - which is to unset each sensitive property individually before passing the entire object to the view, but this seems too long and verbose (as seen in the code below):

    unset($this->user->hashed_pwd);
    unset($this->user->security_question);
    // ...(and so on)

Does anybody know of a shorter / simpler way to sanitize such an object for the view? Or is there a better practice for doing this?

The view does not know about these other properties; unless you refer to them (in server code), they are not sent to the view (client code). If you are so concerned, you could simply build a new object with a method that only transfers elements that are flagged safe. Use a naming scheme to differentiate elements that can be sent to the view, to make the code less verbose.
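The "new object with only the elements flagged safe" approach from this answer, as an added example that is not part of the original post. The `User` class, its `VIEW_SAFE` allowlist and the `forView()` method are hypothetical names, and the sample values are constructed. Because the allowlist names what may leave the model, a property added later stays hidden by default, including when the view object is dumped or JSON-encoded.

```php
<?php
// Added example: hypothetical class and property names, not from the original post.
declare(strict_types=1);

final class User
{
    public int $id = 0;
    public string $username = '';
    public string $email = '';
    public string $hashed_pwd = '';
    public string $security_question = '';

    // Allowlist of the properties flagged safe for views.
    private const VIEW_SAFE = ['id', 'username', 'email'];

    /**
     * Build a new, detached object holding only allowlisted properties.
     * Properties added to User later stay hidden until they are listed above.
     */
    public function forView(): stdClass
    {
        $safe = new stdClass();
        foreach (self::VIEW_SAFE as $name) {
            $safe->$name = $this->$name;
        }
        return $safe;
    }
}

// Constructed sample data.
$user = new User();
$user->id = 42;
$user->username = 'alice';
$user->email = 'alice@example.test';
$user->hashed_pwd = '$2y$10$constructed-placeholder-hash';
$user->security_question = 'constructed placeholder';

$viewUser = $user->forView();

// Even a full dump of the view object cannot reveal the sensitive fields,
// because they were never copied onto it.
echo json_encode($viewUser), PHP_EOL;
var_dump(property_exists($viewUser, 'hashed_pwd'));
```

In a CodeIgniter controller the result would be handed over as view data, for example `$this->load->view('profile', array('user' => $user->forView()));`, where `profile` is a placeholder view name.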

What they are saying is true. But I also agree with your concerns and I think it's one of those situations of 'the object knows too much'. It should just know it's a valid user - not how it was validated. So what about not making those part of the $this->user at all?

Something like $this->userLogin. Do your login methods; if successful, then $this->userLogin retrieves $this->user. If you have access levels that need to be referred to later, just make that an attribute in $this->user.

The other advantage is that your login methods can change later - and it doesn't change the main $this->user object.