Re: Custom Function Password Match Always Triggered

Hi Ryan, Thanks for this, it will help in my documentation later. On Dec 23, 2:34 am, Ryan Schmidt wrote: > On Dec 21, 2010, at 22:45, John Maxim wrote: > > > Hi Ryan what is a wrapper ? > > A wrapper is a function that calls another function. > > http://en.wikipedia.org/wiki/Wrapper_function > >

Re: Custom Function Password Match Always Triggered

On Dec 21, 2010, at 22:45, John Maxim wrote: > Hi Ryan what is a wrapper ? A wrapper is a function that calls another function. http://en.wikipedia.org/wiki/Wrapper_function > Does it make it less secure ? but seeing that it has salted added > doesn't sound like so. Using a salt makes your h

Re: Custom Function Password Match Always Triggered

Hi Ryan what is a wrapper ? Does it make it less secure ? but seeing that it has salted added doesn't sound like so. On Dec 22, 11:43 am, Ryan Schmidt wrote: > On Dec 21, 2010, at 21:37, John Maxim wrote: > > > So is it Security::hash() another function to encrypt password such > > as, md5() ? >

Re: Custom Function Password Match Always Triggered

Hi bujanga, Thanks for your complex password validation code, does it solve the problem for auto-fill password value if I used Auth ? On Dec 22, 11:16 am, bujanga wrote: > On Tue, Dec 21, 2010 at 2:57 PM, Ryan Schmidt > > wrote: > > I should add that Security::hash() does not use the salt unles

Re: Custom Function Password Match Always Triggered

On Dec 21, 2010, at 21:37, John Maxim wrote: > So is it Security::hash() another function to encrypt password such > as, md5() ? Security::hash() is CakePHP's wrapper around md5, sha1, sha256, and maybe other hash algorithms, with salt added. Check out the new CakePHP Questions site http://

Re: Custom Function Password Match Always Triggered

Thanks Ryan, it works nicely. So is it Security::hash() another function to encrypt password such as, md5() ? On Dec 22, 4:57 am, Ryan Schmidt wrote: > On Dec 21, 2010, at 12:02, Ryan Schmidt wrote: > > > On Dec 21, 2010, at 11:42, John Maxim wrote: > >>                    $this->data['User']['p

Re: Custom Function Password Match Always Triggered

On Tue, Dec 21, 2010 at 2:57 PM, Ryan Schmidt wrote: > I should add that Security::hash() does not use the salt unless you tell it > to, by passing true in the third parameter. The Auth component does pass true > in the third parameter, so if you want to write code today that will store > passw

Re: Custom Function Password Match Always Triggered

On Dec 21, 2010, at 12:02, Ryan Schmidt wrote: > On Dec 21, 2010, at 11:42, John Maxim wrote: >> $this->data['User']['password'] = >> md5($this->data['User']['password']); > > As I said in my previous message, use Security::hash(). Do not use md5(). If > you want Security::hash(

Re: Custom Function Password Match Always Triggered

Hi Ryan, Thanks I think I get what you're saying, going to change tomorrow, gtg, Thanks ! On Dec 22, 2:02 am, Ryan Schmidt wrote: > On Dec 21, 2010, at 11:42, John Maxim wrote: > > > > > the controller register function code is here: > > > function register() > >            { > >              if

Re: Custom Function Password Match Always Triggered

Hi Stephen, I checked on your codes, thanks. But I tried Auth earlier and I had to include this: var $components = array('Auth'); --- function beforeFilter() { parent::beforeFilter(); this->Auth->autoRedirect

Re: Custom Function Password Match Always Triggered

On Dec 21, 2010, at 11:42, John Maxim wrote: > the controller register function code is here: > > function register() > { > if (!empty($this->data)) > { > $this->data['User']['password'] = md5($this->data['User'] > ['password']); >

Re: Custom Function Password Match Always Triggered

Hi, the controller register function code is here: function register() { if (!empty($this->data)) { $this->data['User']['password'] = md5($this->data['User'] ['password']); if ($this->User->save($thi

Re: Custom Function Password Match Always Triggered

Maybe this will help http://pastie.org/private/cku2m7kpvmfd7pub3q24ga On 21 December 2010 17:19, Ryan Schmidt wrote: > > On Dec 21, 2010, at 11:13, John Maxim wrote: > > > By the way I'm using md5 in controller for register function, could > > that be that reason that hinders the validation? >

Re: Custom Function Password Match Always Triggered

On Dec 21, 2010, at 11:13, John Maxim wrote: > By the way I'm using md5 in controller for register function, could > that be that reason that hinders the validation? *How* are you "using md5"? If you mean you have specified md5 as the hash algorithm for the security class by writing "Security::

Re: Custom Function Password Match Always Triggered

By the way I'm using md5 in controller for register function, could that be that reason that hinders the validation? On Dec 22, 12:42 am, John Maxim wrote: > function confirmPassword() { >                 return (($this->data[$this->alias]['password']) == >                 Security::hash($this->d

Custom Function Password Match Always Triggered

function confirmPassword() { return (($this->data[$this->alias]['password']) == Security::hash($this->data[$this->alias]['confirm_password'], null, true)); } Code 1 function confirmPassword() { $h