密码哈希无法正常工作

时间:2011-12-10 11:16:52

标签: cakephp

我正在尝试使登录工作...但是当我注册(使用添加)功能时,我曾经有一个md5,然后我将其更改为$ this-> Auth->密码,然后我尝试没有那条线..好吧它第一次登录很好..但后来由于某种原因它再次更改哈希登录它永远不会匹配数据库..我不知道如何解决这个..这里是我的代码

<?php
class UsersController extends AppController {

    var $uses = array("User");
    var $components = array('Auth', 'Session');


    function index()
    {
        $this->set('users', $this->User->find('all'));
         $this->layout = 'master_layout';
    }

    function beforeFilter() {
       $this->Auth->allow('add');
      } 

      function add() { 

          if (!empty($this->data)) {
             //pass is hashed already
             //->data['User']['password'] = $this->Auth->password($this->data['User']['password']);
             if ($this->User->save($this->data)) {
                $this->Session->setFlash('Your were registered!.');
                               $this->redirect(array('action' => 'index'));
             }
          }

         $this->layout = 'master_layout';
      }

    //IF THE DATABASE IS SET UP CORRECTLY CAKE AUTHENTICATES AUTOMATICALLY NO
    //LOGIC IS NEEDED FOR LOGIN http://book.cakephp.org/view/1250/Authentication
    function login() {
        $this->layout = 'master_layout';
    }

    function logout() {

    $this->redirect($this->Auth->logout());

    }

}
?>

查看

<?php
echo $this->Session->flash('auth');
echo $this->Form->create('User');
echo $this->Form->input('username');
echo $this->Form->input('password');
echo $this->Form->end('Login');
?>

1 个答案:

答案 0 :(得分:1)

你不应该在表格上使用密码作为字段名称。 这样,即使是空字符串也会被保存,并且会使已保存的字符串变得混乱。取决于你的beforeSave方法,空字符串甚至可以保存为哈希(隐藏它实际上是一个空密码)。

http://www.dereuromark.de/2011/08/25/working-with-passwords-in-cakephp/