PHP: Re: Hashing Password in CakePHP 2.1

Sunday, April 29, 2012

Re: Hashing Password in CakePHP 2.1

Yep...cake's book says that you should there hash password :)
--

Lep pozdrav, Tilen Majerle

2012/4/29 Tilen Majerle <tilen.majerle@gmail.com>

only PHP basics :)

public function beforeSave()
{
if (isset($this->data['User']['password'])) {

$this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
}

return true;
}

--
Lep pozdrav, Tilen Majerle
http://majerle.eu

2012/4/29 Charles Blackwell <charlesblackwell412@gmail.com>
This works but, is there a way to NOT has the password when the confirm method is called? Also, in your opinion is beforeSave a good way to hash the password?

Thanks!

<?php

class User extends AppModel {
public $name = 'User';

public function beforeSave() {
$this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);

return true;
}

<?php
App::uses('CakeEmail', 'Network/Email');

class UsersController extends AppController {
public $name = 'Users';

public $components = array('Auth', 'Email');

function beforeFilter(){
$this->Auth->allow('signup', 'confirm');

}

function signup(){
if(!empty($this->request->data)){

$this->request->data['User']['confirm_code'] = String::uuid();

$this->User->create();
if($this->User->save($this->request->data)){

$email = new CakeEmail();
$email->template('welcome', 'default')

->emailFormat('html')
->viewVars(array(

'id' => $this->User->getLastInsertID(),
'username' => $this->request->data['User']['username'],

'email' => $this->request->data['User']['email'],

'server' => $_SERVER['SERVER_NAME'],
'code' => $this->request->data['User']['confirm_code']

))
->from(array('quickwall@localhost.com' => 'QuickWall.com Administrator'))

->to($this->request->data['User']['email'])

->subject('Welcome!');
if($email->send()){

$this->Session->setFlash('Congratulations! You have signed up!');
$this->redirect(array('controller' => 'questions', 'action' => 'home'));

}
} else {
$this->Session->setFlash('There was an error signing up. Please, try again.');

$this->request->data = null;
}
}

}

function confirm($user_id=null, $code=null){

if(empty($user_id) || empty($code)){

$this->set('confirmed', 0);
$this-render();

}

$user = $this->User->read(null, $user_id);

if(empty($user)){

$this->set('confirmed', 0);
$this->render();

}

if($user['User']['confirm_code'] == $code){

$this->User->id = $user_id;
$this->User->saveField('confirmed', '1');

$this->set('confirmed', 1);
} else {

$this->set('confirmed', 0);
}
}

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.

To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.

To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php

PHP

Sunday, April 29, 2012

Re: Hashing Password in CakePHP 2.1

No comments:

Blog Archive

About Me