To get around the same issue, I created a checkbox field on my user
form when $id > 0. Name the field change_password or something like
that, and then you can roll your logic based off that field value
wether or not to change the password field.
On Jun 6, 1:33 pm, benjam <[EMAIL PROTECTED]> wrote:
> I have an admin section to my site, which is protected by Auth and
> using a Users table.
>
> The trouble I'm having is, when I set up a user, everything works just
> fine.
>
> When I go in to edit that user, the password field gets corrupted
> because instead of re-hashing the original password (which would be
> impossible because it doesn't know it, unless it is specifically re-
> entered in the password field), it hashes the hash that is output by
> the form (the one stored in the database).
>
> I was wondering if there was a way to prevent it from hashing the
> password if there is no password entered?
>
> Here is what I have so far...
>
> in my model: (not complete)
> ========================
> var $validate = array(
> 'username' => array('alphaNumeric'),
> 'email' => array('email'),
> 'password' => VALID_NOT_EMPTY,
> );
> ========================
>
> in my controller: (not complete)
> ========================
> function admin_edit($id = null) {
> if (!$id && empty($this->data)) {
> $this->Session->setFlash(__('Invalid User', true));
> $this->redirect(array('action'=>'index'));
> }
> if (!empty($this->data)) {
> if (empty($this->data['User']['password'])) {
> unset($this->data['User']['password']);
> }
> if ($this->User->save($this->data)) {
> $this->Session->setFlash(__('The User has
> been saved', true));
> $this->redirect(array('action'=>'index'));
> } else {
> $this->Session->setFlash(__('The User could
> not be saved. Please,
> try again.', true));
> }
> }
> if (empty($this->data)) {
> $this->data = $this->User->read(null, $id);
> }
> }
> ========================
>
> in my view: (not complete)
> ========================
> <?php
> echo $form->input('username');
> echo $form->input('email');
> echo '<span class="info">Leave Password field blank to keep
> current
> password</span>';
> echo $form->input('password', array('value' => ''));
> echo $form->input('contact');
> echo $form->input('active');
> ?>
> ========================
>
> When I debug output $this->data right after I clear out an empty
> password field in the controller, it shows a hash in the password
> field, which means the data gets hashed before it gets to the
> controller admin_edit method.
>
> Where should I put the condition to clear out the password field if
> it's empty so that I can keep the current password if none is entered
> in the edit form?
>
> And how can I make sure that when adding a user, a password is
> required, but when editing a user, it is not?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
