cakePHP预先填充密码字段,并在更新时中断
我有一个用户配置文件更新页面,它用从$this->request->data收集的用户信息预先填充文本字段。一切正常,除了密码字段预填充了来自数据库的加密密码,因此在保存时,由于密码超过了允许的字符数,因此验证失败,即使存储了密码,它也会用加密的相同密码替换用户的实际密码,如果这有道理的话 这方面最好的解决办法是什么 控制器:cakePHP预先填充密码字段,并在更新时中断,cakephp,Cakephp,我有一个用户配置文件更新页面,它用从$this->request->data收集的用户信息预先填充文本字段。一切正常,除了密码字段预填充了来自数据库的加密密码,因此在保存时,由于密码超过了允许的字符数,因此验证失败,即使存储了密码,它也会用加密的相同密码替换用户的实际密码,如果这有道理的话 这方面最好的解决办法是什么 控制器: public function profile() { if($this->request->is('post') || $this->req
public function profile() {
if($this->request->is('post') || $this->request->is('put')) {
if($this->Auth->user("id") == $this->request->data['User']['id']) {
$this->request->data['User']['user_status_id'] = $this->Auth->user("user_status_id");
$this->request->data['User']['user_type_id'] = $this->Auth->user("user_type_id");
if($this->User->save($this->request->data)) {
$this->Session->setFlash('Your profile has been updated','default',array('class'=>'success'));
} else {
$this->Session->setFlash("An error has occured updating your profile.");
}
} else {
$this->Session->setFlash("Unable to save this result as there is an ID mismatch.");
}
} else {
$this->request->data = $this->User->read(null,$this->Auth->user("id"));
}
}
<h1>Profile</h1>
<h3>Update your profile</h3>
<div class="left">
<div class="formContainer">
<?php
echo $this->Form->create('User');
echo $this->Form->input('username',array("id" => "profileUsername"));
echo $this->Form->input('password',array("id" => "profilePassword"));
echo $this->Form->input('company');
echo $this->Form->input('first_name');
echo $this->Form->input('last_name');
echo $this->Form->input('telephone');
echo $this->Form->input('fax');
echo $this->Form->input('id',array('type' => 'hidden'));
echo $this->Form->end(__('Update'));
?>
</div>
</div>
查看:
public function profile() {
if($this->request->is('post') || $this->request->is('put')) {
if($this->Auth->user("id") == $this->request->data['User']['id']) {
$this->request->data['User']['user_status_id'] = $this->Auth->user("user_status_id");
$this->request->data['User']['user_type_id'] = $this->Auth->user("user_type_id");
if($this->User->save($this->request->data)) {
$this->Session->setFlash('Your profile has been updated','default',array('class'=>'success'));
} else {
$this->Session->setFlash("An error has occured updating your profile.");
}
} else {
$this->Session->setFlash("Unable to save this result as there is an ID mismatch.");
}
} else {
$this->request->data = $this->User->read(null,$this->Auth->user("id"));
}
}
<h1>Profile</h1>
<h3>Update your profile</h3>
<div class="left">
<div class="formContainer">
<?php
echo $this->Form->create('User');
echo $this->Form->input('username',array("id" => "profileUsername"));
echo $this->Form->input('password',array("id" => "profilePassword"));
echo $this->Form->input('company');
echo $this->Form->input('first_name');
echo $this->Form->input('last_name');
echo $this->Form->input('telephone');
echo $this->Form->input('fax');
echo $this->Form->input('id',array('type' => 'hidden'));
echo $this->Form->end(__('Update'));
?>
</div>
</div>
Profile
更新您的个人资料
您遇到的问题是,如果您已经按照您应该的方式存储了密码(使用单向散列),您无法将其反转以显示纯文本版本,因此您可以简单地将密码数据设置为null(将密码字段留空):
然后您有两个选项:
如果您已将密码验证规则设置为
allowEmpty=>false
,则第二个选项可能会中断您的验证,在这种情况下,您可以使用多个验证集,您可以通过以下任一方法来执行此操作(都在cakephp 2.x中工作),阅读此内容并使用此行为:
由于哈希的技术细节,密码是单向的
基本上,您永远不会将密码散列传递回视图。始终显示空字段(就像您应该在www中几乎所有其他网站上看到的那样)
然后忽略并发布为空的字段。只有在新设置密码字段时,您才真正触发验证。
$this->Form->input('password',array('value'=>null));
输出
<input name="data[User][password]" type="password" id="UserPassword">
小心!仅在编辑零件上使用此选项