Home/ Questions/Q 6018695
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T03:18:43+00:00

This seemed to be working perfectly, I added a checkbox to my form so

  • 0

This seemed to be working perfectly, I added a checkbox to my form so the user can decide whether to change the password or not. In the add user action the validation works fine and won’t save the user if there are any errors, but with my edit user action it will still save them when both password fields are blank, but still validate them properly if there’s any data in either password input. Here’s my model:

class User extends AppModel {
var $name = 'User';
var $displayField = 'name';
var $validate = array(
    'username' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'User must have a username to login with',
        ),
    ),
    'password' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'User must have a password',
        ),
        'alphanumeric' => array(
            'rule' => array('alphanumeric'),
            'required' => true,
            'message' => 'User must have a password'
        ),
        'minlength' => array(
            'rule' => array('minlength', 6),
            'message' => 'Password must be at least 6 characters',
        ),
        'confirmPassword' => array(
            'rule' => array('confirmPassword', 'password'),
            'message' => 'Passwords do not match'
        ),
    ),
    'password_confirm' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'User must have a password',
        ),
        'alphanumeric' => array(
            'rule' => array('alphanumeric'),
            'required' => true,
            'message' => 'User must have a password'
        ),
        'minlength' => array(
            'rule' => array('minlength', 6),
            'message' => 'Password must be at least 6 characters',
        ),
    ),
);

function confirmPassword($data) {
    return ($data['password'] === Security::hash(Configure::read('Security.salt').$this->data['User']['password_confirm']));
}

And here’s my edit user action:

function admin_edit($id = null) {
    $this->set('title_for_layout', 'Users / Editing User');

    if (!$id && empty($this->data)) {
        $this->Session->setFlash(__('Invalid user specified', true), 'flash_error');
        $this->redirect(array('action' => 'index'));
    }
    if (!empty($this->data)) {
        $redirect = array('action' => 'index');
        if ($this->data['User']['edit_password'] == 1) {
            $fields = array('username', 'confirm_password', 'password', 'name');
            if ($this->data['User']['id'] == $this->Auth->user('id')) {
                $redirect['action'] = 'logout';
            }
        } else {
            $fields = array('username', 'name');
        }

        if ($this->User->save($this->data, true, $fields)) {
            $this->Session->setFlash(__(sprintf('The user <i>%s</i> was saved successfully.', $this->data['User']['username']), true), 'flash_success');
            $this->redirect($redirect);
        } else {
            $this->Session->setFlash(__('There were errors when trying to save the user', true), 'flash_error');
        }
    }
    if (empty($this->data)) {
        $this->data = $this->User->read(null, $id);
        $this->data['User']['password'] = '';
        $this->data['User']['edit_password'] = 0;
    }
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Sorry in advance as this is only a half-answer, but should get you moving in the right direction.

    The Auth component will automatically hash the password field if the username field is also present in the submitted data

    So you have set up your data to either anticipate this.. or avoid it.

    This method will come in handy too.
    http://book.cakephp.org/view/1259/hashPasswords

    • 0