Sunday, September 28, 2008

Re: How to validate password length

Hi,

I think the cleanest way to handle this issue is to use the model's
beforeSave method to encrypt the plaintext password, as this method is
called AFTER validation is done. This way you can maintain your
original validation code, it is more readable and understandable,
and you do not have to mess with any view files either.

In your user model, specify the following:

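function beforeSave() {
    // Validation has already run on the plaintext at this point.
    // Hash only when a password was submitted with this save.
    if (isset($this->data['User']['password'])) {
        $this->data['User']['password'] = md5($this->data['User']['password']);
    }
    return true;
}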

And of course you need the original validation rule for the field
'password'.

Br,
Jani

On Sep 28, 3:05 pm, Smelly_Eddie <OlliT...@gmail.com> wrote:
> Mario:
>
> I wrote some code that not only checks for a min. length, but also
> requires a 'strong' password.
>
> This means I make users use at least 1 non-word character and a
> digit (ex. pas5_word). And I make them enter it twice!
>
> I use unique error messages to warn when they don't match, and when it
> is an invalid pattern. Helps eliminate user frustration.
>
> I would love to hear your thoughts on it, and I hope it at least gets
> you started if it doesn't meet your needs.
>
> http://edwardawebb.com/programming/php-programming/cakephp/heavy-duty...
>
> Best Regards,
>
> On Sep 27, 7:18 am, mario <marioqta...@gmail.com> wrote:
>
> > I already have a 'password2' in my form for password confirmation.
> > Can you please give me an example of what you are referring to?
>
> > Thanks.^_^
>
> > On Sep 27, 3:50 am, "Jon Bennett" <jmbenn...@gmail.com> wrote:
>
> > > >  >  I want to validate the length of my password using the cakephp model's
> > > >  >  validation. However, since the password is being hashed before it is
> > > >  >  saved on the database, my length validation criteria becomes void. We
> > > >  >  all know that a hashed password contains many characters.
>
> > > > I would make a copy of 'password' before it gets to the Auth
> > > >  component, and add a rule for that instead.
>
> > > hmm, might have been a little hasty there, as you won't have a field
> > > in your form for 'password_plain' and therefore won't ever see the
> > > error message. How about adding an extra field to your form of
> > > 'password_confirm', then adding the rule to that. If the confirmation
> > > fails you'll then see the error message (and you can check they are
> > > the same).
>
> > > hth
>
> > > jon
>
> > > --
>
> > > jon bennett
> > > w:http://www.jben.net/
> > > iChat (AIM): jbendotnet Skype: jon-bennett
>
>

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
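
The validate-then-hash order discussed in this thread, as an added example in plain PHP (not code from any poster or from CakePHP itself). UserModel, validates(), save() and MIN_LENGTH are hypothetical stand-ins for the framework's model lifecycle, and PHP's password_hash() is used here in place of the md5() call shown in the thread.

```php
<?php
// Hypothetical stand-in for a CakePHP model: validates() runs on the
// plaintext, beforeSave() hashes only after validation has passed.
class UserModel
{
    const MIN_LENGTH = 8; // assumed policy value, not from the thread
    public $data = array();
    public $validationErrors = array();

    public function validates()
    {
        $this->validationErrors = array();
        $u = isset($this->data['User']) ? $this->data['User'] : array();
        $pw = isset($u['password']) ? (string) $u['password'] : '';
        $confirm = isset($u['password2']) ? (string) $u['password2'] : '';
        if (strlen($pw) < self::MIN_LENGTH) {
            $this->validationErrors['password'] = 'Password is too short.';
        } elseif (!preg_match('/\d/', $pw) || !preg_match('/[\W_]/', $pw)) {
            // "_" counts as a symbol here so pas5_word-style input passes.
            $this->validationErrors['password'] = 'Use a digit and a symbol.';
        } elseif ($pw !== $confirm) {
            $this->validationErrors['password2'] = 'Passwords do not match.';
        }
        return empty($this->validationErrors);
    }

    public function beforeSave()
    {
        // Hash only when a password was submitted with this save.
        if (isset($this->data['User']['password'])) {
            $plain = $this->data['User']['password'];
            $this->data['User']['password'] = password_hash($plain, PASSWORD_DEFAULT);
        }
        unset($this->data['User']['password2']); // confirmation is never stored
        return true;
    }

    public function save(array $data)
    {
        $this->data = $data;
        return $this->validates() && $this->beforeSave();
    }
}

// Constructed sample input: too short, no digit or symbol, acceptable.
foreach (array('abc', 'longpassword', 'pas5_word1') as $pw) {
    $m = new UserModel();
    $ok = $m->save(array('User' => array('password' => $pw, 'password2' => $pw)));
    echo $pw, ' => ', $ok
        ? 'hashed, verify=' . var_export(password_verify($pw, $m->data['User']['password']), true)
        : json_encode($m->validationErrors), "\n";
}
```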
