Thanks Henry. I'm working on learning ACL right now, so I might not need a
solution to this anymore. Thanks!
On Saturday, April 6, 2013 2:02:10 PM UTC-4, Henry Turk wrote:
>
> I would assume he is eventually going to implement SecurityComponent to
> handle this issue.
>
> On Thursday, April 4, 2013 4:32:00 AM UTC-7, André Luis wrote:
>>
>> I really didnt get what you want to do, but one thing... if anyone can
>> register, do not use the hidden field for the role, because it´s value can
>> be changed easily with some javascript, or even with webdesigner toold. For
>> example, if I (studant) will register and watch the code in Chrome, with
>> developer tools, and see the hidden field with que "student" value, i would
>> try to change the value to "admin" for example, or try another possible
>> keywords for example.
>>
>> Em quarta-feira, 3 de abril de 2013 20h25min51s UTC-3, Nathan Pierce
>> escreveu:
>>>
>>> Hey all! I have to say this community is awesome. I'm pleased to see
>>> there is help for newbies like me.
>>>
>>> I have an issue which I need suggestions for. I like doing things the
>>> proper way and not creating an obtuse mess of code to do something simple.
>>> Here it is:
>>>
>>> Uses Auth (nothing crazy)
>>>
>>> View - register.ctp contains a registration form:
>>>
>>> <?php
>>> echo $this->Form->create('User', array('action' => 'register'));
>>> echo $this->Form->input('full_name', array('label' => 'Full Name'));
>>> echo $this->Form->input('email_register', array('label' => 'Email'));
>>> echo $this->Form->input('password', array('type' => 'password', 'label'
>>> => 'Password'));
>>> echo $this->Form->input('password_confirm', array('type' => 'password',
>>> 'label' => 'Confirm Password'));
>>> echo $this->Form->hidden('role', array('value' => 'student'));
>>> echo $this->Form->end('Register');
>>> ?>
>>>
>>> Then, the layout it uses (login.ctp) calls another form:
>>>
>>> <?php
>>> echo $this->Form->create('User', array('action' => 'login'));
>>> echo $this->Form->input('email', array('label' => false, 'type' =>
>>> 'email_login', 'value' => '', 'placeholder' => 'Email'));
>>> echo $this->Form->input('password', array('label' => false, 'type' =>
>>> 'password_login', 'value' => '', 'placeholder' => 'Password'));
>>> echo $this->Form->submit('GO', array('class' => 'login_submit'));
>>> echo $this->Form->end();
>>> ?>
>>>
>>> My problem is that when register.ctp passes the data to the User.php
>>> model, and does the validation, the login.ctp form gets the 'message =>'
>>> from the model as well as the register.ctp form.
>>>
>>> Now, I need both the register.ctp and login.ctp form to check the
>>> database if the email exists, run the validation if it's valid, etc etc. I
>>> think you get the idea. My first idea was to change the login.ctp form from
>>> input('email' to input('email_login' and have it act the same as the normal
>>> email, just ignore the validation message. I looked and looked and couldn't
>>> find any examples of how to achieve this.
>>>
>>> Any suggestions?
>>>
>>> Thanks!
>>>
>>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
