Hi I am using Laravel and I am using a couple of packages for user auth and roles which are Zizaco Confide and I want to update the users password firstly they should input there current password a new password and confirm the password and they should match. Now the validation works but the users password isn't updated in the database. My code is below:
public function updatePassword($id) {
$rules = array(
'now_password' => 'required',
'password' => 'min:5|confirmed|different:now_password',
'password_confirmation' => 'required_with:password|min:5'
);
//password update.
$now_password = Input::get('now_password');
$password = Input::get('password');
$passwordconf = Input::get('password_confirmation');
$validator = Validator::make(Input::only('now_password', 'password', 'password_confirmation'), $rules);
if ($validator->fails()) {
return Redirect::back()->withErrors($validator);
}
elseif (Hash::check($now_password, Auth::user()->password)) {
$user = User::find($id);
$user->password = Hash::make($password);
$user->save();
return Redirect::back()->with('success', true)->with('message','User updated.');
} else {
return Redirect::back()->withErrors('Password incorrect');
}
}
Any ideas why the users password is not isn't updated using this block of code
$user = User::find($id);
$user->password = Hash::make($password);
$user->save();
User Model
<?php
use Zizaco\Confide\ConfideUser;
use Zizaco\Confide\ConfideUserInterface;
use Zizaco\Entrust\HasRole;
class User extends Eloquent implements ConfideUserInterface
{
use SoftDeletingTrait;
use ConfideUser;
use HasRole;
protected $softDelete = true;
public function favourites()
{
return $this->hasMany('Favourite');
}
}
To check inputted password:
1.
$now_password = Input::get('now_password');
$user = DB::table('users')->where('name', Auth::user()->name)->first();
if(Hash::check($now_password, $user->password)){
//Your update here
}
2.
$now_password = Input::get('now_password');
if(Hash::check($now_password, Auth::user()->password)){
//Your update here
}
To check if they match and if the new password is different than old.
$rules = array(
'now_password' => 'required|min:8',
'password' => 'required|min:8|confirmed|different:now_password',
'password_confirmation' => 'required|min:8',
);
And edit your form to (or enter your names):
{{ Form::label('now_password', 'Old Password') }}
{{ Form::password('now_password')}}
{{ Form::label('password', 'New Password') }}
{{ Form::password('password')}}
{{ Form::label('password_confirmation', 'Confrim New Password') }}
{{ Form::password('password_confirmation')}}
Update
Ok, so you don't want to edit only passwords.
Edit your rules:
$rules = array(
'now_password' => 'required|min:5',
'password' => 'min:5|confirmed|different:now_password',
'password_confirmation' => 'required_with:password|min:5'
);
I think that current password should be required in every type of change. Other inputs imo shouldn't be required, because you don't know which data user want to edit.
You should also add to your rules something like:
'username' => alpha_num|unique:users,username
etc.. (for more see http://laravel.com/docs/4.2/validation#available-validation-rules)
If Validator pass, you should check which data user want to change (which inputs are not empty). Something like:
if(!empty(Input::get('firstname'))){
$user->firstname = Input::get('firstname');
}
etc...with every input.
Try it like this:
public function updatePassword($id)
{
$user = User::findOrFail($id);
User::$rules['now_password'] = 'required';
// other rules here
$validator = Validator::make($data = Input::all(), User::rules('update', $id));
if ($validator->fails())
{
return Redirect::back()->withErrors($validator)->withInput();
}
array_forget($data, 'password_confirmation');
array_forget($data, 'now_password');
$data['password'] = Hash::make($data['password']);
$user->update($data);
return Redirect::back()->with('success', true)->with('message','User updated.');
}
remember your password confirmation field name must be "password_confirmation" if you used first way... if you used another name for password confirm field you can use second way.
$this->validate($request, [
'email' => 'required|unique:user|email|max:255',
'username' => 'required|max:20',
'password' => 'required|min:3|confirmed',
'password_confirmation' => 'required',
'gender' => 'required|in:m,f',
]);
$this->validate($request, [
'email' => 'required|unique:user|email|max:255',
'username' => 'required|max:20',
'password' => 'required|min:3',
'confirm_password' => 'same:password',
'gender' => 'required|in:m,f',
]);
public function change_password_post($id)
{
$rules = array(
'current' => 'required|string|min:8',
'new' => 'required|string|min:8',
'confirm' => 'required|same:new'
);
$validator = Validator::make(Input::only('current', 'new', 'confirm'), $rules);
if($validator->fails())
{
return Redirect::back()
->withErrors($validator);
}
else
{
$users = User::where('id', '=', $id)->first();
if (Hash::check(Input::get('current'), $users->password))
{
if(Input::get('new') == Input::get('confirm'))
{
$users->password =Hash::make(Input::get('new'));
$users->save();
$msg = array('msg' => 'Password changed Successfully');
return Redirect::back()
->withErrors($msg);
}
else
{
$msg = array('msg' => 'New password and Confirm password did not match');
return Redirect::back()
->withErrors($msg);
}
}
else
{
$msg = array('msg' => 'Current password is incorrect');
return Redirect::back()
->withErrors($msg);
}
}
}
来源:https://stackoverflow.com/questions/28399899/laravel-update-password-passes-validation-but-doesnt-update-record