even better: use $this->Auth->password() from the auth component (if you use it)
On 11 Feb., 23:21, Ryan Schmidt <[email protected]> wrote: > On Feb 11, 2011, at 00:13, Ed wrote: > > > I am new to Cake but, am diving in head first... I've tried several > > different types of coding examples on how to allow a User to change > > their password. This is the version I am trying and we (my group) do > > have Auth working, so 'User' needs to be "Auth.User" ... Can anyone > > give me an idea why it doesn't work? > > Define "doesn't work". > > > function change_password() { > > if (!empty($this->data)) { > > $user = $this->Session->read("Auth.User"); > > $this->User->id = $user['id']; > > $someone = $this->User->findById($this->User->id); > > if(md5($this->data['change']['oldpassword']) != > > $someone["Auth.User"]['password']) { > > Don't call md5; use the salted hash function provided by CakePHP: > Security::hash(). -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
