To get around the same issue, I created a checkbox field on my user form when $id > 0. Name the field change_password or something like that, and then you can roll your logic based off that field value wether or not to change the password field.
On Jun 6, 1:33 pm, benjam <[EMAIL PROTECTED]> wrote: > I have an admin section to my site, which is protected by Auth and > using a Users table. > > The trouble I'm having is, when I set up a user, everything works just > fine. > > When I go in to edit that user, the password field gets corrupted > because instead of re-hashing the original password (which would be > impossible because it doesn't know it, unless it is specifically re- > entered in the password field), it hashes the hash that is output by > the form (the one stored in the database). > > I was wondering if there was a way to prevent it from hashing the > password if there is no password entered? > > Here is what I have so far... > > in my model: (not complete) > ======================== > var $validate = array( > 'username' => array('alphaNumeric'), > 'email' => array('email'), > 'password' => VALID_NOT_EMPTY, > ); > ======================== > > in my controller: (not complete) > ======================== > function admin_edit($id = null) { > if (!$id && empty($this->data)) { > $this->Session->setFlash(__('Invalid User', true)); > $this->redirect(array('action'=>'index')); > } > if (!empty($this->data)) { > if (empty($this->data['User']['password'])) { > unset($this->data['User']['password']); > } > if ($this->User->save($this->data)) { > $this->Session->setFlash(__('The User has > been saved', true)); > $this->redirect(array('action'=>'index')); > } else { > $this->Session->setFlash(__('The User could > not be saved. Please, > try again.', true)); > } > } > if (empty($this->data)) { > $this->data = $this->User->read(null, $id); > } > } > ======================== > > in my view: (not complete) > ======================== > <?php > echo $form->input('username'); > echo $form->input('email'); > echo '<span class="info">Leave Password field blank to keep > current > password</span>'; > echo $form->input('password', array('value' => '')); > echo $form->input('contact'); > echo $form->input('active'); > ?> > ======================== > > When I debug output $this->data right after I clear out an empty > password field in the controller, it shows a hash in the password > field, which means the data gets hashed before it gets to the > controller admin_edit method. > > Where should I put the condition to clear out the password field if > it's empty so that I can keep the current password if none is entered > in the edit form? > > And how can I make sure that when adding a user, a password is > required, but when editing a user, it is not? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---