更改密码cakephp后,新密码不保存在数据库中

时间:2014-10-08 07:34:09

标签: cakephp cakephp-2.0 edit change-password before-save

很抱歉,我可以要求,当更改密码和忘记密码时,如果我的beforeSave功能如下所示,新密码不会存储在数据库中:

public function beforeSave($options = array()) {
if (!$this->id && !isset($this->data[$this->alias][$this->primaryKey]) && isset($this->data[$this->alias]['password'])) { $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']); } else {
unset($this->data[$this->alias]['password']);
}return true;}

但是如果BeforeSave的功能像这样改变了

public function beforeSave($options = array()) {  $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);}}

新密码的值是成功保存到数据库,但当用户执行编辑功能和密码为空时,数据库中的密码已经哈希两次 请帮助我,谢谢

哦,啊,这是我的changePassword函数:

public function account(){
    if(!$this->Session->check('Auth.User')){
        $this->Session->setFlash(__('You must be logged in to view this page.'));
        return $this->redirect(array('action' => 'login'));
    }
    //set user's ID in  model which is needed for validation
    $this->User->id = $this->Auth->user('id');

    //load the user (avoid populating $this->data)
    $current_user = $this->User->findById($this->User->id);
    $this->set('current_user', $current_user);

    $this->User->useValidationRules('ChangePassword');
    $this->User->validate['re_password']['compare']['rule'] = array('equalToField', 'password', false);

    $this->User->set($this->data);
    if(!empty($this->data) && $this->User->validates()){
        $password = $this->data['User']['password'];
        $this->User->saveField('password', $password);

        $this->Session->setFlash('Your password has been updated');
        $this->redirect(array('action' => 'account'));
    }

    $this->layout = 'dashboard_admin';
}

2 个答案:

答案 0 :(得分:0)

在编辑表单中添加新表单字段,而不是密码,添加new_password。只有当用户在那里放置东西时才会进行散列... 

public function edit($id = null) {
  $this->User->id = $id;

  if (!$this->User->exists()) {
    throw new NotFoundException(__('Invalid user'));
  }

  if ($this->request->is('post') || $this->request->is('put')) {
    if ($this->User->save($this->request->data)) {
      $this->Session->setFlash(__('Saved.', true));

      $this->redirect(array('action' => 'view', $id));
    } else {
      $this->Session->setFlash(__('Error.', true));
    }
  } else {
    $user = $this->User->read(null, $id);
    $this->request->data = $user;

    unset($this->request->data['User']['password']);
    $this->set('user', $user);
  }


public function beforeSave($options = array()) {
  if (!empty($this->data['User']['new_password'])) {
    $this->data['User']['password'] = AuthComponent::password($this->data['User']['new_password']);

    unset($this->data['User']['new_password']);
  }
}

答案 1 :(得分:0)

仅在编辑时使用此功能(用户未更改密码)且您不应向用户显示哈希密码

  if ($this->request->is('post') || $this->request->is('put')) {
    unset($this->request->data['User']['password']);
    if ($this->User->save($this->request->data)) {
      $this->Session->setFlash(__('Saved.', true));

      $this->redirect(array('action' => 'view', $id));
    } else {
      $this->Session->setFlash(__('Error.', true));
    }
  }
相关问题
最新问题