Re: validating password

Wed, 27 Jun 2007 23:41:12 -0700 

If i use $this->invalidate("password", "Passwords do not match");
how do i associate that in my view.. Currently my view has
<?php echo $form->input('password',
                        array('error' => 'Password must be at least 4 
characters.',
                                'type'=>'password',
                                'value' =>''));
                ?>

for the password.. If i do as you say, i still get the error about
being at least 4 characters.. Personally i'd rather not even have the
error messages in the view but in the models.. How do i set the error
from invalidate to display in the views?

On Jun 27, 4:27 pm, Grant Cox <[EMAIL PROTECTED]> wrote:
> I would use $this->invalidate('password', "Passwords do not match") -
> this way it is just the same as any other validation routine.  You
> also don't need to call beforeValidate() in your beforeSave, it is
> done automatically by Cake when you save.
>
> Your beforeSave is still MD5-ing every password that gets put in
> there.  So, if you do:
>
> $existing_user = $this->User->read(null, $user_id);
> $existing_user['User']['name'] = 'I am changing your name';
> $this->User->save( $existing_user );
>
> then your password is now double MD5'd.  What I was saying previously
> is that the field submitted from the form that has the plain text
> password should not be the actual password field used in your
> database.  So if you use "password" in the database to indicate a
> hashed password, then on your form make the field "plain_password" or
> "new_password" or something - this way in your beforeSave you know if
> it needs to be MD5'd, otherwise don't change.  The "plain_password"
> should not be saved into the db at all.  And you're right, the hashed
> password field should not appear in a form either.


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake 
PHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to