我想在修改密码时正确地对密码进行哈希,但一直做不到:每次修改密码之后,密码似乎被哈希了两次,也可能是别的原因,我不确定。请告诉我哪里做错了。
class User extends AppModel
{
// Default validation rules, keyed by field name and then by rule name.
// useValidationRules() overwrites this property with another rule set and copies
// individual field entries out of it through that set's '_import' list.
var $validate = array(
'name' => array(
'length' => array(
'rule' => array('minLength', 5),
'message' => 'Please enter your full name (more than 5 chars)',
'required' => true,
),
),
'username' => array(
'length' => array(
'rule' => array('minLength', 5),
'message' => 'Must be more than 5 characters',
'required' => true,
),
'alphanum' => array(
'rule' => 'alphanumeric',
'message' => 'May only contain letters and numbers',
),
'unique' => array(
'rule' => 'isUnique',
'message' => 'Already taken',
),
),
'email' => array(
'email' => array(
'rule' => 'email',
'message' => 'Must be a valid email address',
),
'unique' => array(
'rule' => 'isUnique',
'message' => 'Already taken',
),
),
// Only presence is checked for 'password'; the 6-20 character bound is attached
// to 'password_confirm' below, not to this field.
'password' => array(
'empty' => array(
'rule' => 'notEmpty',
'message' => 'Must not be blank',
'required' => true,
),
),
'password_confirm' => array(
'required' => array(
// equalToField() declares two parameters ($array, $field), so the trailing
// `true` in this rule is not read by it.
'rule' => array('equalToField', 'password', true),
'message' => 'The password you entered does not match',
),
'length' => array(
// NOTE(review): the value is hashed before storage (see beforeSave), so the
// upper bound of 20 only limits passphrase length — confirm whether anything
// else depends on it before raising the cap.
'rule' => array('between', 6, 20),
'message' => 'Use between 6 and 20 characters',
),
'empty' => array(
'rule' => 'notEmpty',
'message' => 'Must not be blank',
),
),
);
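/**
 * Validation rule: the field under validation must hold the same string as another field.
 *
 * @param array  $array Single-entry array whose key names the field under validation.
 * @param string $field Name of the field to compare against.
 * @return bool True only when both fields are present, scalar and identical as strings.
 */
function equalToField($array, $field) {
    $row = isset($this->data[$this->alias]) ? $this->data[$this->alias] : array();
    $checked = key($array);

    // A missing field must fail the rule: strcmp() on two absent values reports
    // equality, so an incomplete submission could satisfy the confirmation.
    if (!isset($row[$checked], $row[$field])) {
        return false;
    }

    // Array-valued form input must fail as well. On PHP 5/7 strcmp() returns NULL
    // for a non-string argument and `NULL == 0` is true, so the former loose
    // comparison accepted such input as a match.
    if (!is_scalar($row[$checked]) || !is_scalar($row[$field])) {
        return false;
    }

    return (string)$row[$checked] === (string)$row[$field];
}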
// Rule set for the change-password form; the controller selects it with
// useValidationRules('ChangePassword').
var $validateChangePassword = array(
// Field names whose rules are copied from $validate; useValidationRules()
// removes this key before the set becomes the active rules.
'_import' => array('password', 'password_confirm'),
'password_old' => array(
'correct' => array(
// Names the password_old() method of this model — presumably resolved as a
// custom rule by the framework's validator.
'rule' => 'password_old',
'message' => 'Does not match',
'required' => true,
),
'empty' => array(
'rule' => 'notEmpty',
'message' => 'Must not be blank',
),
),
);
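/**
 * Replace the active validation rules with the rule set stored in the
 * property named 'validate' . $key.
 *
 * Entries listed under the set's '_import' key are copied from the current
 * $this->validate, then the '_import' key itself is dropped.
 *
 * @param string $key Suffix of the rule-set property, e.g. 'ChangePassword'
 *                    selects $validateChangePassword.
 * @return void
 * @throws InvalidArgumentException When no array property with that name exists.
 */
function useValidationRules($key)
{
    $property = 'validate' . $key;

    // Fail closed: an unknown name would read an undefined property and assign
    // that result to $this->validate, leaving the next save without any rules.
    if (!isset($this->$property) || !is_array($this->$property)) {
        throw new InvalidArgumentException('Unknown validation rule set: ' . $key);
    }

    $rules = $this->$property;
    if (isset($rules['_import'])) {
        // Separate loop variable; the original reused $key and shadowed the parameter.
        foreach ($rules['_import'] as $fieldName) {
            // Import only fields that have rules; a missing entry is skipped
            // rather than stored as an empty rule.
            if (isset($this->validate[$fieldName])) {
                $rules[$fieldName] = $this->validate[$fieldName];
            }
        }
        unset($rules['_import']);
    }
    $this->validate = $rules;
}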
/**
 * Validation rule: the submitted old password must hash to the stored value.
 *
 * @param array $data Rule input; the 'password_old' entry holds the plain-text value.
 * @return bool True when the stored 'password' column equals the hash of the input.
 */
function password_old($data)
{
    // Stored value for the record currently selected through $this->id.
    $storedHash = $this->field('password', array('User.id' => $this->id));

    // NOTE(review): this only matches while the stored value was produced by the
    // same hashing call exactly once. beforeSave() hashes with
    // AuthComponent::password() — confirm both use the same algorithm and salt.
    // A value that was hashed twice on save will never compare equal here.
    $submittedHash = Security::hash($data['password_old'], null, true);

    // NOTE(review): where the runtime provides it (PHP 5.6+), hash_equals() is
    // the preferred way to compare digests.
    return $storedHash === $submittedHash;
}
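/**
 * Hash the password once, immediately before the record is written.
 *
 * This is the single place where hashing happens: callers must pass the
 * plain-text password to save()/saveField(). A value that was already hashed
 * by the caller is hashed again here and no longer matches at login.
 *
 * @param array $options Save options passed through by the framework (unused here).
 * @return bool Always true, so the save continues.
 */
public function beforeSave($options = array()) {
    // Saves that carry no 'password' key (for example a single other field)
    // leave the stored hash alone.
    if (isset($this->data[$this->alias]['password'])) {
        $plain = $this->data[$this->alias]['password'];
        // The original line read `$this- >alias`, which does not parse.
        $this->data[$this->alias]['password'] = AuthComponent::password($plain);
    }
    return true;
}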
然后我的控制器:
class UsersController extends AppController
{
// Components declared by this controller. The actions below also use
// $this->Auth and $this->Session, which are not listed here — presumably they
// are declared in AppController.
var $components = array('Email');
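/**
 * Account details page (change password).
 *
 * Validates the posted form against the 'ChangePassword' rule set and, when it
 * passes, stores the new password for the logged-in user. The password is
 * handed to the model in plain text because User::beforeSave() does the hashing.
 *
 * @return void
 */
function account()
{
    // Set User's ID in model which is needed for validation
    $this->User->id = $this->Auth->user('id');
    // Load the user (avoid populating $this->data)
    // NOTE(review): findById() is called without a field list, so the stored
    // password hash is presumably part of what the view receives — confirm and
    // restrict the fields if the view does not need it.
    $current_user = $this->User->findById($this->User->id);
    $this->set('current_user', $current_user);

    $this->User->useValidationRules('ChangePassword');
    $this->User->validate['password_confirm']['compare']['rule'] =
        array('equalToField', 'password', false);

    $this->User->set($this->data);
    // Pin the record to the session user again: Model::set() may adopt a primary
    // key found in the posted data, and both the old-password check and the
    // save below act on $this->User->id.
    $this->User->id = $this->Auth->user('id');

    if (!empty($this->data) && $this->User->validates()) {
        // Pass the plain-text value. saveField() runs User::beforeSave(), which
        // hashes 'password'; hashing here as well stored a hash of a hash.
        $this->User->saveField('password', $this->data['User']['password']);
        $this->Session->setFlash('Your password has been updated');
        $this->redirect(array('action' => 'account'));
    }
}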
/**
* Registration page for new users
*/
// function register()
// {
// if (!empty($this->data)) {
// $this->User->create();
// if ($this->User->save($this->data)) {
// $this->Session->setFlash(__('Your account has been created.', true));
// $this->redirect('/');
// } else {
// $this->Session->setFlash(__('Your account could not be created.', true));
// }
// }
// }
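/**
 * Registration page: on POST, create a user from the submitted form.
 *
 * The password arrives in plain text and is hashed by User::beforeSave().
 *
 * @return void
 */
public function register(){
    if($this->request->is('post')){
        $this->User->create();
        // NOTE(review): save() receives the whole request payload, so any column
        // the client chooses to post is written. Pass a 'fieldList' naming the
        // registration fields once the intended set is confirmed (the model
        // validates name, username, email, password and password_confirm).
        if($this->User->save($this->request->data)){
            // 'success' is the flash element, as with 'error' below; it was
            // previously passed to __() by a misplaced parenthesis.
            $this->Session->setFlash(__('Użytkownik został zapisany'), 'success');
            $this->redirect(array('controller'=>'ads', 'action'=>'index'));
        } else {
            $this->Session->setFlash(__('Błąd zapisu'), 'error');
        }
    }
}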
/**
 * Log the user out through the Auth component and redirect to the URL it returns.
 *
 * @return mixed Whatever redirect() returns.
 */
function logout()
{
    $afterLogout = $this->Auth->logout();
    return $this->redirect($afterLogout);
}
/**
 * Login action: on POST, authenticate through the Auth component, record the
 * login time and redirect; on failure, show an error flash.
 *
 * @return void
 */
function login()
{
    // Anything other than a form submission just renders the page.
    if (!$this->request->is('post')) {
        return;
    }

    if (!$this->Auth->login()) {
        $this->Session->setFlash(__('Nieprawidłowy login lub hasło'), 'error');
        return;
    }

    // Record the login time on the authenticated user's row. The save carries
    // only 'lastlogin', so User::beforeSave() finds no 'password' key to hash.
    $this->User->id = $this->Auth->user('id');
    $this->User->saveField('lastlogin', date(DATE_ATOM));
    $this->redirect($this->Auth->redirect());
}
和视图:
// Change-password form. All three inputs share the same masked-field options.
$maskedInput = array('type' => 'password', 'autocomplete' => 'off');

echo $this->Form->create(array('action' => 'account'));
echo $this->Form->input('password_old', array('label' => 'Old password') + $maskedInput);
// NOTE(review): 'password_confirm' carries the label 'New password' and
// 'password' carries 'Re-enter new password'. The model attaches the 6-20
// length rule to 'password_confirm' and saves 'password' — confirm this
// pairing is intended.
echo $this->Form->input('password_confirm', array('label' => 'New password') + $maskedInput);
echo $this->Form->input('password', array('label' => 'Re-enter new password') + $maskedInput);
echo $this->Form->end('Update Password');
答案 0 :(得分:0)
把 UsersController 的 account 方法中的这一行
$password = $this->Auth->password($this->data['User']['password']);
改为
$password = $this->data['User']['password'];
$this->Auth->password() 与模型 beforeSave() 中的 AuthComponent::password() 执行的是同一个哈希操作。控制器先哈希一次,saveField() 保存时又会触发模型的 beforeSave() 再哈希一次,
所以你的密码被哈希了两次。