I have an admin section to my site, which is protected by Auth and
using a Users table.
The trouble I'm having is, when I set up a user, everything works just
fine.
When I go in to edit that user, the password field gets corrupted
because instead of re-hashing the original password (which would be
impossible because it doesn't know it, unless it is specifically re-
entered in the password field), it hashes the hash that is output by
the form (the one stored in the database).
I was wondering if there was a way to prevent it from hashing the
password if there is no password entered?
Here is what I have so far...
in my model: (not complete)
========================
var $validate = array(
'username' => array('alphaNumeric'),
'email' => array('email'),
'password' => VALID_NOT_EMPTY,
);
========================
in my controller: (not complete)
========================
function admin_edit($id = null) {
if (!$id && empty($this->data)) {
$this->Session->setFlash(__('Invalid User', true));
$this->redirect(array('action'=>'index'));
}
if (!empty($this->data)) {
if (empty($this->data['User']['password'])) {
unset($this->data['User']['password']);
}
if ($this->User->save($this->data)) {
$this->Session->setFlash(__('The User has been
saved', true));
$this->redirect(array('action'=>'index'));
} else {
$this->Session->setFlash(__('The User could not
be saved. Please,
try again.', true));
}
}
if (empty($this->data)) {
$this->data = $this->User->read(null, $id);
}
}
========================
in my view: (not complete)
========================
<?php
echo $form->input('username');
echo $form->input('email');
echo '<span class="info">Leave Password field blank to keep
current
password</span>';
echo $form->input('password', array('value' => ''));
echo $form->input('contact');
echo $form->input('active');
?>
========================
When I debug output $this->data right after I clear out an empty
password field in the controller, it shows a hash in the password
field, which means the data gets hashed before it gets to the
controller admin_edit method.
Where should I put the condition to clear out the password field if
it's empty so that I can keep the current password if none is entered
in the edit form?
And how can I make sure that when adding a user, a password is
required, but when editing a user, it is not?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
