问题
How do I save users in my CakePHP app without requiring them to change their password each time?
I have code in place to check the two password fields and apply some verification rules, which works great for registration and for changing passwords in the 'edit' view. However, how do I skip the verification rules and saving the password if the password fields are left empty in the Edit view? Obviously, I don't want to skip this requirement on registration.
register.ctp and edit.ctp:
echo $form->create('User');
echo $form->input('username');
echo $form->input('pwd');
echo $form->input('pwd_repeat');
echo $form->end('Submit');
User.ctp validation rules:
'pwd' => array(
'length' => array(
'rule' => array('between', 8, 40),
'message' => 'Your password must be between 8 and 40 characters.',
),
),
'pwd_repeat' => array(
'length' => array(
'rule' => array('between', 8, 40),
'message' => 'Your password must be between 8 and 40 characters.',
),
'compare' => array(
'rule' => array('validate_passwords'),
'message' => 'The passwords you entered do not match.',
),
),
and the User.ctp logic before saving:
public function validate_passwords() { //password match check
return $this->data[$this->alias]['pwd'] === $this->data[$this->alias]['pwd_repeat'];
}
public function beforeSave($options = array()) { //set alias to real thing and hash password
$this->data['User']['password'] = $this->data[$this->alias]['pwd'];
$this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
return true;
}
回答1:
var $validate = array(
'pwd' => array(
'length' => array(
'rule' => array('between', 8, 40),
'message' => 'Your password must be between 8 and 40 characters.',
'on' => 'create', // we only need this validation on create
),
),
// if we have a password entered, we need it to match pwd_repeat (both create and update)
// we no longer need the length validation
'pwd_repeat' => array(
'compare' => array(
'rule' => array('validate_passwords'),
'message' => 'Please confirm the password',
),
),
);
public function validate_passwords() { //password match check
return $this->data[$this->alias]['pwd'] === $this->data[$this->alias]['pwd_repeat'];
}
public function beforeSave($options = Array()) {
// if we have a password, we hash it before saving
if (isset($this->data[$this->alias]['pwd'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['pwd_repeat']);
}
return true;
}
回答2:
If you are using CakePHP 2.2:
http://book.cakephp.org/2.0/en/models/data-validation.html#removing-rules-from-the-set
Also in the beforeSave function wrap the first two lines in a conditional for if both the password fields are not empty.
回答3:
For those who want something without changing the model (and keeping rule onUpdate if new password send) : Updating user with or without password - CakePHP
TL;DR :
// add in your view `app/View/Users/edit.ctp`
// a 'fake' field you'll only use on the controller
echo $this->Form->input('new_password');
// add in your controller `app/Model/User.php`
// if we have a new password, create key `password` in data
if(!empty($new_password = $this->request->data['User']['new_password']))
$this->request->data['User']['password'] = $new_password;
else // else, we remove the rules on password
$this->User->validator()->remove('password');
回答4:
Just remove the field from edit.ctp
echo $form->create('User');
echo $form->input('username');
//echo $form->input('pwd');
//echo $form->input('pwd_repeat');
echo $form->end('Submit');
Because this->request->data populates hashed password in the password field. When you save the user password hashed again and become different then original one
来源:https://stackoverflow.com/questions/21210443/cakephp-edit-users-without-changing-password