Sunday, April 29, 2012

Hashing Password in CakePHP 2.1

This works but, is there a way to NOT has the password when the confirm method is called? Also, in your opinion is beforeSave a good way to hash the password?

Thanks!

  1. <?php
  2.     class User extends AppModel {
  3.         public $name = 'User';
  4.        
  5.         public function beforeSave() {
  6.         $this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
  7.         return true;
  8.     }
  9.  
  10. <?php
  11.     App::uses('CakeEmail', 'Network/Email');
  12.     class UsersController extends AppController {       
  13.         public $name = 'Users';
  14.         public $components = array('Auth', 'Email');
  15.        
  16.         function beforeFilter(){
  17.             $this->Auth->allow('signup', 'confirm');
  18.         }
  19.  
  20.     function signup(){
  21.     if(!empty($this->request->data)){
  22.             $this->request->data['User']['confirm_code'] = String::uuid();
  23.                 $this->User->create();
  24.                 if($this->User->save($this->request->data)){
  25.                     $email = new CakeEmail();
  26.                     $email->template('welcome', 'default')
  27.                                 ->emailFormat('html')
  28.                                 ->viewVars(array(
  29.                                         'id' => $this->User->getLastInsertID(),
  30.                                         'username' => $this->request->data['User']['username'],
  31.                                         'email' => $this->request->data['User']['email'],
  32.                                         'server' => $_SERVER['SERVER_NAME'],
  33.                                         'code' => $this->request->data['User']['confirm_code']
  34.                                         ))
  35.                                 ->from(array('quickwall@localhost.com' => 'QuickWall.com Administrator'))
  36.                             ->to($this->request->data['User']['email'])
  37.                             ->subject('Welcome!');
  38.        if($email->send()){
  39.                         $this->Session->setFlash('Congratulations! You have signed up!');
  40.                         $this->redirect(array('controller' => 'questions', 'action' => 'home'));
  41.                     }
  42.                 } else {
  43.                     $this->Session->setFlash('There was an error signing up. Please, try again.');
  44.                     $this->request->data = null;
  45.                 }            
  46.             }
  47.         }
  48.        
  49.         function confirm($user_id=null, $code=null){
  50.             if(empty($user_id) || empty($code)){
  51.                 $this->set('confirmed', 0);
  52.                 $this-render();
  53.                 }
  54.            
  55.             $user = $this->User->read(null, $user_id);
  56.            
  57.             if(empty($user)){
  58.                 $this->set('confirmed', 0);
  59.                 $this->render();
  60.                 }
  61.            
  62.             if($user['User']['confirm_code'] == $code){
  63.                 $this->User->id = $user_id;
  64.                 $this->User->saveField('confirmed', '1');
  65.                 $this->set('confirmed', 1);
  66.                 } else {
  67.                     $this->set('confirmed', 0);
  68.                 }
  69.             }

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
 
 
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php

No comments: