Advance on problems page

[vchess.git] / models / User.js

diff --git a/models/User.js b/models/User.js
index 6eff273..171dc2c 100644 (file)
--- a/models/User.js
+++ b/models/User.js
@@ -14,6 +14,9 @@ var params = require("../config/parameters");
  *   notify: boolean (send email notifications for corr games)
  */
 
+// TODO: consider sanitizing http://www.unixwiz.net/techtips/sql-injection.html
+// But parameters are supposed to already be cleaned (in controller).
+
 // User creation
 exports.create = function(name, email, notify, callback)
 {