CakePHP在保存之前不验证或散列我的密码

时间:2014-07-03 12:14:28

标签: php cakephp

它适用于我的"注册"行动,但它不适用于我的" forgetPassword"动作。

notEmpty验证适用于两者,但我的自定义验证用于匹配密码中的值并确认密码并不适用于我的" forgetPassword"但它适用于我的"注册"动作。

以下是我的模型中的验证代码片段

        'confirm_password' => array(
            'confirm password field cannot be empty' => array(
                'rule' => 'notEmpty',
                'message' => 'This field cannot be left empty'
            ),

            'confirm password must match password' => array(
                'rule' => 'matchPassword',
                'message' => 'The two passwords do not match'

            )

        ),

以及我的模型中的其他方法

    public function matchPassword($check){
        if(strcmp($this->data['User']['password'],$this->data['User']['confirm_password']) != 0){
            $this->invalidate('password','The two password do not match');
            return false;
        }
        return true;
    }

    public function beforeSave($options = array()){
        if(!$this->id){
            $passwordHasher = new SimplePasswordHasher();
            $this->data['User']['password'] = $passwordHasher->hash($this->data['User']['password']);
        }
        return true;
    }

和我的forget_password.ctp 

<h1>Enter Your New Password</h1>
<?php echo $this->Form->create(); ?>
<?php echo $this->Form->input('password'); ?>
<?php echo $this->Form->input('confirm_password', array('type' => 'password','label' => 'Type again')); ?>          
<?php echo $this->Form->submit('Change', array('class' =>'button')); ?>
<?php echo $this->Form->end(); ?>

这是我在控制器中用来更新密码的更新密码方法

    protected function _updatePassword($id,$password){
        $this->User->id = $id;
        $this->User->data['User']['password'] = $password;
        if($this->User->save($this->User->data,false)){
            return true;
        } else{
            return false;
        }
    }

更新:而不是做 $password = $this->request->data['User']['password'];

然后将此$ password作为参数传递给_updatePassword($ id,$ password)以将其用作 $this->User->data['User']['password'] = $password; $this->user->save($this->User->data);

现在我正在做$this->User->save($this->request->data);并且验证工作正常。但密码哈希问题仍然存在。

更新2:

即使我删除了if(!$this->id){它也无效。所以我在我的控制器中使用了类似的东西

        if($this->request->is('post')){
            $this->User->id = $id;
            $passwordHasher = new SimplePasswordHasher();
            if(isset($this->request->data['User']['password']) and isset($this->request->data['User']['confirm_password'])){
                $this->request->data['User']['password'] = $passwordHasher->hash($this->request->data['User']['password']);
                $this->request->data['User']['confirm_password'] = $passwordHasher->hash($this->request->data['User']['confirm_password']);
            }
            if($this->User->save($this->request->data)){

完成任务。

0 个答案:

没有答案
相关问题
最新问题