You need to make sure you only pass fields to the update, that are present in the User table. The error you report probably occurs if somebody uses your plugin in dynamic mode. A quick solution (which is not the most secure one) is to delete a few possible inputs, such as
delete $args->{s};
delete $args->{t};A better solution would be to get a list of fields in the Users table, assign the user input to them, delete the dangerous ones (such as Username, Status, etc), and then update the desired record. You'll need
where $cols is a hashref whose keys are the field names of the Users table.
Ivan
-----
Iyengar Yoga Resources / GT Plugins
Code:
delete $args->{d}; delete $args->{s};
delete $args->{t};
Code:
my $cols = $DB->table('Users')->{schema}->{cols};Ivan
-----
Iyengar Yoga Resources / GT Plugins
