updating spec to fail if salt is not defined

spec/vulnerabilities/password_hashing_spec.rb

@@ -21,6 +21,9 @@ feature 'improper password hashing' do
       @normal_user.password_confirmation = new_pass
       @normal_user.save
       pending(:if => verifying_fixed?) {Digest::MD5.hexdigest(@normal_user.salt + new_pass).should == @normal_user.password}
+    else
+      #fail test if salt attribute not defined
+      true.should == false
     end
   end
 end