I’ve looked over various approaches, and various questions published on this subject, but with no luck. In my case, the controller code “appears” to work, and the message flashes up “Your changes have been saved”, but the password database field is unchanged. Is there something I am missing?
Controller code
public function changepass($id = null) {
$this->layout = 'profile_page';
//$this->request->data['User']['id'] = $this->Session->read('Auth.User.id');
$user = $this->User->find('first', array(
'conditions' => array('User.id' => $this->Auth->user('id'))
)); // 'User.id' => $id
$this->set('user',$user);
if ($this->request->is('post') || $this->request->is('put'))
{
$this->User->saveField('password', AuthComponent::password($this->request->data['User']['newpass']));
// $this->User->saveField('password', $this->data['User']['password']);
// $this->data['User']['password']= $this->request->data['User']['newpass'];
if ($this->User->save($this->request->data))
{
$this->Session->setFlash(__('Your password has been changed!'));
$this->redirect(array('controller'=>'articles','action'=>'index'));
}
else
{
$this->Session->setFlash(__('Whoops! Something went wrong... try again?'));
$this->redirect(array('controller'=>'users','action'=>'changepass'));
}
}
$this->request->data = $this->User->read(null, $id);
unset($this->request->data['User']['password']); // tried commenting out
}
Model
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['password'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
if (isset($this->data[$this->alias]['newpass'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['newpass']);
}
}
return true;
}
Of course later I’d put in existing password check, and confirm new password check, but i need to get the existing password update basic approach working.
Many thanks in advance for any light you can shed on this,
I think I’ve sussed this. First, major bloop on my part – in my view I’d put echo $this->Form->create(‘User’, array(‘action’ => ‘edit’)); — of course change action to ‘changepass’
New Controller code:
public function changepass ($id = null) {
$this->layout = 'profile_page';
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
//debug($this->request->data);
if ($this->request->is('post') || $this->request->is('put')) {
$this->data['User']['password']= $this->request->data['User']['newpass'];
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('Your password changes have been saved'));
$this->redirect(array('controller' => 'articles', 'action' => 'index'));
} else {
$this->Session->setFlash(__('The profile could not be saved. Please, try again.'));
}
} else {
if ($this->Auth->user('id')!= $id) {
$this->Session->setFlash('You are not allowed that operation!');
$this->redirect(array('controller' => 'articles', 'action' => 'index'));
}
$this->request->data = $this->User->read(null, $id);
debug($this->request->data);
unset($this->request->data['User']['password']);
}
}
Model – tidied up as per advice from eboletaire
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['password'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
}
if (isset($this->data[$this->alias]['newpass'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['newpass']);
}
return true;
}
First of all, you are saving the password twice. Remove/comment this line:
Anyway, I think the problem is in your model. Check out your beforeSave method. Why are you setting password first with field password and then with field newpass???
PD. Cleaning up your code I’ve also seen that maybe the second if should be outside the first one.