Question

这似乎工作得很好，我在表单中添加了一个复选框，以便用户可以决定是否更改密码。在添加用户操作中，验证工作正常，如果有任何错误，将无法保存用户，但是当我的编辑用户操作时，如果两个密码字段都为空，它仍将保存它们，但如果有任何数据，仍然可以正确验证它们密码输入。这是我的模特：

class User extends AppModel {
var $name = 'User';
var $displayField = 'name';
var $validate = array(
    'username' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'User must have a username to login with',
        ),
    ),
    'password' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'User must have a password',
        ),
        'alphanumeric' => array(
            'rule' => array('alphanumeric'),
            'required' => true,
            'message' => 'User must have a password'
        ),
        'minlength' => array(
            'rule' => array('minlength', 6),
            'message' => 'Password must be at least 6 characters',
        ),
        'confirmPassword' => array(
            'rule' => array('confirmPassword', 'password'),
            'message' => 'Passwords do not match'
        ),
    ),
    'password_confirm' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'User must have a password',
        ),
        'alphanumeric' => array(
            'rule' => array('alphanumeric'),
            'required' => true,
            'message' => 'User must have a password'
        ),
        'minlength' => array(
            'rule' => array('minlength', 6),
            'message' => 'Password must be at least 6 characters',
        ),
    ),
);

function confirmPassword($data) {
    return ($data['password'] === Security::hash(Configure::read('Security.salt').$this->data['User']['password_confirm']));
}

这是我的编辑用户操作：

function admin_edit($id = null) {
    $this->set('title_for_layout', 'Users / Editing User');

    if (!$id && empty($this->data)) {
        $this->Session->setFlash(__('Invalid user specified', true), 'flash_error');
        $this->redirect(array('action' => 'index'));
    }
    if (!empty($this->data)) {
        $redirect = array('action' => 'index');
        if ($this->data['User']['edit_password'] == 1) {
            $fields = array('username', 'confirm_password', 'password', 'name');
            if ($this->data['User']['id'] == $this->Auth->user('id')) {
                $redirect['action'] = 'logout';
            }
        } else {
            $fields = array('username', 'name');
        }

        if ($this->User->save($this->data, true, $fields)) {
            $this->Session->setFlash(__(sprintf('The user <i>%s</i> was saved successfully.', $this->data['User']['username']), true), 'flash_success');
            $this->redirect($redirect);
        } else {
            $this->Session->setFlash(__('There were errors when trying to save the user', true), 'flash_error');
        }
    }
    if (empty($this->data)) {
        $this->data = $this->User->read(null, $id);
        $this->data['User']['password'] = '';
        $this->data['User']['edit_password'] = 0;
    }
}

Answer 1

提前抱歉，因为这只是一个半答案，但应该让你朝着正确的方向前进。

如果提交的数据中也存在用户名字段，Auth组件将自动对密码字段进行哈希

因此，您已将数据设置为预期...或避免它。

这种方法也会派上用场。 http://book.cakephp.org/view/1259/hashPasswords

在保存密码时无法正确验证

1 个答案: