djiize, thanks for the code sample. That's effectively what my own code was doing, except (for some stupid reason) I'd neglected to load the User model to get the hashPasswords function (in the theory that it would be loaded by the Auth component anyway, I think).
I'm with nate on this one (not because he's a god of Cake or anything) - there is no good reason why you should have to use plaintext passwords, and many good reasons not to. I've come across several websites and applications using plaintext passwords during the last 2 years I've spent as a professional web developer, and in every instance it's been for stupid reasons (like, "our users often forget their passwords and need them sent to remind them" - in which case 2- way encryption is a far better solution). Steve On Jan 18, 9:36 pm, nate <[EMAIL PROTECTED]> wrote: > Right, we make it so you have to use an annoying and silly workaround > *for a reason*. Because when it's annoying and silly, you have to > stop and think about it, because whatever it is you're trying to do is > probably wrong. Whatever problem you are trying to solve by accessing > a plaintext password can probably be solved some other way. You're > problem is not original. > > You are not special. > You are not a beautiful and unique snowflake. > You are the all-singing, all-dancing crap of the earth. > > On Jan 18, 3:32 pm, rtconner <[EMAIL PROTECTED]> wrote: > > > This particular issue is the framework trying to baby it's users. > > Telling us that we can't implement our own security practices. It's > > not even that you can turn it off if you don't want it, you just can't > > turn it off. You literally have to "deal with it" with a little > > workaround of some sort. Not that it's super hard to work around, but > > it is a work around. It's just annoying, and silly.. like I said. > > > On Jan 18, 1:14 pm, Baz <[EMAIL PROTECTED]> wrote: > > > > Now it's comments like this that help me understand why the developers > > > sometimes get frustrated with this mailing list. This statement serves > > > absolutely no purpose. It is a blind criticism without any productive > > > alternative. > > > > Frameworks are developed for the mass, not individuals. Meaning, what's > > > there is going to serve 85% of the people just fine. If you have a > > > _better_ > > > alternative, then please suggest. > > > > Otherwise, quit whining. It's not compiled code; it's PHP. If you don't > > > like > > > it, open up the bloody file and hit the delete key move on. > > > -- > > > Baz L > > > Web Development 2.0http://WebDevelopment2.com/ > > > > On Jan 18, 2008 1:31 PM, rtconner <[EMAIL PROTECTED]> wrote: > > > > > I'll just say, I love any and all complaints about that auto hashing > > > > thing. I think it's silly and annoying and shouldnt be part of cake. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
