I would assume he is eventually going to implement SecurityComponent to
handle this issue.
On Thursday, April 4, 2013 4:32:00 AM UTC-7, André Luis wrote:
>
> I really didnt get what you want to do, but one thing... if anyone can
> register, do not use the hidden field for the role, because it´s value can
> be changed easily with some javascript, or even with webdesigner toold. For
> example, if I (studant) will register and watch the code in Chrome, with
> developer tools, and see the hidden field with que "student" value, i would
> try to change the value to "admin" for example, or try another possible
> keywords for example.
>
> Em quarta-feira, 3 de abril de 2013 20h25min51s UTC-3, Nathan Pierce
> escreveu:
>>
>> Hey all! I have to say this community is awesome. I'm pleased to see
>> there is help for newbies like me.
>>
>> I have an issue which I need suggestions for. I like doing things the
>> proper way and not creating an obtuse mess of code to do something simple.
>> Here it is:
>>
>> Uses Auth (nothing crazy)
>>
>> View - register.ctp contains a registration form:
>>
>> <?php
>> echo $this->Form->create('User', array('action' => 'register'));
>> echo $this->Form->input('full_name', array('label' => 'Full Name'));
>> echo $this->Form->input('email_register', array('label' => 'Email'));
>> echo $this->Form->input('password', array('type' => 'password', 'label'
>> => 'Password'));
>> echo $this->Form->input('password_confirm', array('type' => 'password',
>> 'label' => 'Confirm Password'));
>> echo $this->Form->hidden('role', array('value' => 'student'));
>> echo $this->Form->end('Register');
>> ?>
>>
>> Then, the layout it uses (login.ctp) calls another form:
>>
>> <?php
>> echo $this->Form->create('User', array('action' => 'login'));
>> echo $this->Form->input('email', array('label' => false, 'type' =>
>> 'email_login', 'value' => '', 'placeholder' => 'Email'));
>> echo $this->Form->input('password', array('label' => false, 'type' =>
>> 'password_login', 'value' => '', 'placeholder' => 'Password'));
>> echo $this->Form->submit('GO', array('class' => 'login_submit'));
>> echo $this->Form->end();
>> ?>
>>
>> My problem is that when register.ctp passes the data to the User.php
>> model, and does the validation, the login.ctp form gets the 'message =>'
>> from the model as well as the register.ctp form.
>>
>> Now, I need both the register.ctp and login.ctp form to check the
>> database if the email exists, run the validation if it's valid, etc etc. I
>> think you get the idea. My first idea was to change the login.ctp form from
>> input('email' to input('email_login' and have it act the same as the normal
>> email, just ignore the validation message. I looked and looked and couldn't
>> find any examples of how to achieve this.
>>
>> Any suggestions?
>>
>> Thanks!
>>
>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
