Ok this is what i've added and its not working. beforeSave never gets
called.. I tested by putting a die statement at the top.
Users controller:
function edit_profile() {
$this->User->id = $this->Session->read('User.id');
if (empty($this->data))
{
$this->data = $this->User->read();
}
else
{
if ($this->User->save($this->data)) {
$this->flash("Your profile has been saved.",
'/users/profile');
}
}
}
Model:
function beforeValidate() {
$u = &$this->data['User'];
$p1 = &$u['password'];
$p2 = &$u['password1'];
if ($p1 != $p2) {
$this->set('error', 'Passwords do not match');
return false;
}
return true;
}
function beforeSave() {
die("WTF");
$pempty = empty($this->data['User']['password']);
if ($pempty) {
$this->data['User']['password'] = $this->User->password;
}
if ($this->User->validates()) {
if (!$pempty) {
$this->data['User']['password'] =
md5($this->data['User']
['password']);
}
return true;
}
its never getting to beforeSave but it did get through beforeValidate,
i checked on that as well.. And beforeValidate passes as true..
Do i need to call something else before actually calilng save in the
controller for it to call beforeSave?? It seems like that should be
automatic. I"m going to have to bust out the source i guess.
On Jun 27, 10:01 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote:
> Good idea grant.. I was wondering how to figure that out.. I'm a bit
> unsure what you mean though about having a hashed_password field?
> I don't want to put the hashed password into a hidden input in the
> form (md5 is known for dictionary attacks, and although this site i'm
> sure would never have that happen, i still wouldnt want to use such a
> practice)
> are you talking about adding that field in at the controller or
> something.. And what is the order of execution.. does it go controller
> to beforeValidate to beforeSave? I'm thinking i could just add in a
> field into the $data array that i can use elsewhere, perhaps thats
> what you meant.
> Also, this is a profile form where they can edit anything.. I want it
> so that if they leave password and password1 fields blank, that they
> won't get changed. I was thinking that if they are empty, i can just
> unset the password index and then it should validate, correct? I'm not
> sure the details on the cake implementation but i was hoping you could
> update a row without giving all the values, and unsetting the index
> seems like it should work.
> Thanks for the help, i'll see if this works.
> Matt
>
> On Jun 27, 6:36 am, Grant Cox <[EMAIL PROTECTED]> wrote:
>
> > Its $this->User->validates( $this->data ) , not validate. Cake has
> > a habit of executing any unknown function you call on a model as SQL.
>
> > You can still do it all in the model, just use the beforeValidate to
> > validate the password submitted is ok (number of chars, matches
> > confirm password etc) and then use beforeSave to MD5 the password. As
> > you don't want to double MD5 a password it is probably best to have
> > separate fields, ie submit the form as "plain_password", and MD5 into
> > "hashed_password" (with the database only having a "hashed_password"
> > field).
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
