I haven't tried this, but it should work. Change your code to
else
{
    $this->data['User']['password'] = $pass;
    $this->Session->setFlash('Please correct errors below.');
}
or it's typical to empty out any password fields on errors, but that's
up to you.
Scott
I think you can change
if($this->User->save($this->data))
{
$this->Session->setFlash('Thank you for registering!');
$this->redirect('/users/index');
}
On Feb 28, 9:24 am, "cbmeeks" <[EMAIL PROTECTED]> wrote:
> Below is my function to register a new user. In the function, you
> will notice that I attempt to sha256 the password to store in the
> database. Works great.
>
> However, just before the data is saved, the password box gets the new
> sha256-ed password. In other words, if there is an error saving, you
> can actually SEE the sha256 password. Which would mean that a user
> might not catch that and re-submit which would pass their password in
> as the new sha256 password. Hope that makes sense.
>
> I know which line is doing it. What I am asking is for a more elegant
> way. How would you guys change this function?
>
> Thanks!
>
> function register()
> {
>     if(empty($this->data))
>     {
>         $this->render();
>     }
>     else
>     {
>         $this->cleanUpFields();
>
>         if($this->User->findByUsername($this->data['User']['username']))
>         {
>             $this->Session->setFlash('ERROR: User already exists.');
>             $this->redirect('/users/register');
>         }
>         else
>         {
>             // sha256 the pass
>             $salt = "SOMESALTVALUE";
>             $user = $this->data['User']['username'];
>             $pass = $this->data['User']['password'];
>             $this->data['User']['password'] = hash('sha256', $salt.$user.$pass);
>
>             if($this->User->save($this->data))
>             {
>                 $this->Session->setFlash('Thank you for registering!');
>                 $this->redirect('/users/index');
>             }
>             else
>             {
>                 $this->Session->setFlash('Please correct errors below.');
>             }
>         }
>     }
> }
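
One way to keep the hash out of the re-rendered form, as an added example that is not part of the thread: hash into a copy of the submitted data and blank the password field when the save fails. It is plain PHP 7.1+ so it runs without CakePHP; `buildUserRow()`, `register()` and the `$save` callable (standing in for `$this->User->save()`) are hypothetical names, and `password_hash()` is swapped in for the thread's salted SHA-256.

```php
<?php
// Added example, not code from the thread. $save stands in for the model's
// save() call and is a hypothetical callable; sample input is constructed.

/**
 * Build the row to persist without touching the submitted form data.
 * password_hash() (PHP 5.5+) replaces the thread's hash('sha256', ...):
 * it generates a per-user salt and uses a deliberately slow algorithm.
 */
function buildUserRow(array $form): array
{
    $row = $form;                      // PHP arrays are copied by value
    $row['User']['password'] = password_hash($form['User']['password'], PASSWORD_DEFAULT);
    return $row;
}

/**
 * Returns [saved?, data to re-render]. On failure the password field is
 * emptied, so neither the hash nor the plaintext is echoed back to the form.
 */
function register(array $form, callable $save): array
{
    if ($save(buildUserRow($form))) {
        return [true, []];
    }
    $form['User']['password'] = '';
    return [false, $form];
}

// Constructed save stub: rejects usernames shorter than three characters.
$stored = null;
$save = function (array $row) use (&$stored): bool {
    if (strlen($row['User']['username']) < 3) {
        return false;                  // simulated validation error
    }
    $stored = $row;
    return true;
};

// Failing submission: the form comes back with an empty password field.
[$ok, $redisplay] = register(['User' => ['username' => 'al', 'password' => 'correct horse']], $save);
var_dump($ok, $redisplay['User']['password']);

// Successful submission: only the hash is stored, and it verifies.
[$ok] = register(['User' => ['username' => 'alice', 'password' => 'correct horse']], $save);
var_dump($ok, password_verify('correct horse', $stored['User']['password']));
```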