Re: I want to change password using cake php
Ok, you want to change a password in cake. you have to have somthing like this: old password: _ new password: confirm new password: right?? so first you have to make a method in UsersController called changePassword(){} and a view in foldes Users called change_password.ctp in the change password you have to put: public function changePassword($id = null) { if ($this->data) { if ($this->User->save($this->data)) $this->Session->setFlash('Password changed successfully'); else $this->Session->setFlash('The password was not changed'); } else { $this->data = $this->User->read(null, $id); } } in change_password.ctp: Form->create();?> Form->input('id');?> Form->input('current_password',array('type'=>'password'));?> Form->input('password',array('label'=>'New password','value'=>''));?> Form->input('password_confirmation',array('label'=>'confirm your password','type'=>'password', 'value'=>''));?> Form->end('change');?> in User model put: public $validate = array( 'password' => array( 'Not empty' => array( 'rule' => 'notEmpty', 'message' => 'please enter your password' ), 'Match passwords' => array( 'rule' => 'matchPasswords', 'message' => 'your passwords do not match' ) ), 'password_confirmation' => array( 'Not empty' => array( 'rule' => 'notEmpty', 'message' => 'please confirm your password' ) ), 'current_password' => array( 'notempty' => array('rule' => 'notEmpty', 'message' => 'please enter your old password'), 'check password' => array('rule' => 'checkPassword', 'message' => 'your password is not correct') ) ); public function matchPasswords($data) { if ($data['password'] == $this->data['User']['password_confirmation']) return true; $this->invalidate('password_confirmation', 'your passwords do not match'); return false; } public function checkPassword($data) { $user1=new User(); $user=$user1->read(null, $this->data['User']['id']); $current_password=AuthComponent::password($data['current_password']); if($current_password==$user['User']['password']){ return true; } return false; } On Tuesday, December 25, 2012 4:24:10 PM UTC+2, sweety wrote: > > > -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Re: Cake 2.2 Auth login failure
Post your AppController and UsersController(login method), and a screenshot of your users table. On Monday, December 31, 2012 11:40:48 PM UTC+2, Martin Halla wrote: > > Hi, > > I have this app that uses the Auth component for login Everything works on > the local machine, but fails big time live at : > > http://ncln.halladesign.com > > Can you tell me why ? > > Here are more details : > > user : te...@test.com > password : password > acl plugin by alexo > > Thanks! > > -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Re: Access to specific data cakephp 2.x
I already used that way to solve what I want. I wanted something like "acl solution", hehe. Thank you for your answer Best regards Paulo On Tuesday, December 25, 2012 4:53:22 AM UTC+2, zuha wrote: > > Is there a reason you don't just do access control in the controller then? > ie. > > if ($this->request->data['User']['creator_id'] == $this->Session->read(' > Auth.User.id')) { > $this->BlogPost->save($this->request->data); > } > > BTW, Zuha has a behavior called the UsableBehavior which could probably be > modified to do what you're trying to do with a new function or two added to > it. > https://github.com/zuha/Zuha/tree/master/app/Plugin/Users/Model/Behavior > > > > On Monday, December 24, 2012 6:12:02 PM UTC-5, Paulo Braga wrote: >> >> Hi Rob. Thanks for your answer, the behavior is very interesting. >> >> I think I did not express myself well, I dont want just to set that a >> user has only access to the posts he created. >> >> I want also to configure for example: >> >> We have hotels around a country from the same organization, so in each >> city there's a manager, and I want a manager to manage just the hotels in >> his city. but this hotels can be created by another user(admin), is it >> possible? I did it with isAuthorized() method, but it requires a lot of >> "code (ugly code)° :p >> >> Paulo >> >> On Monday, December 24, 2012 3:08:31 PM UTC+2, Rob M wrote: >>> >>> Hi Paulo: You are describing row-level access control, and I am doing >>> that with CakePHP 2.0 using a modified version of Daniel >>> Vecchiato's WhoDidIt Model Behavior ( >>> https://github.com/danfreak/4cakephp/tree/master/models/behaviors). >>> Then I check in the controller to see if the id in the table for the person >>> who created the record matches the id of the person who is trying to modify >>> it. - Rob >>> >>> On Sunday, December 23, 2012 4:01:28 PM UTC-5, Paulo Braga wrote: >>>> >>>> Hi people. >>>> >>>> I am using cakephp 2.x, and I am trying to build a system with group >>>> permissions, ok, I used Acl and Auth component without problem. >>>> >>>> Now I want to configure access to specific data. for example: >>>> >>>> we have a blog app, and we have users, posts, etc. >>>> an admin can do anything(no problems); >>>> a post is posted by a user. (some problems here); >>>> >>>> With acl I configured that admin group can do anything. and that user >>>> group can just do anything in posts(add, list, edit, delete). everything >>>> is >>>> working. >>>> >>>> But I dont want a user to edit,delete,list posts that were not created >>>> by him. >>>> >>>> I used to do it with the method isAuthorized(), but imagining a big >>>> app, I think it will be too hard to codify it. >>>> >>>> is there a "clean" way to do it??? >>>> >>>> -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Re: Access to specific data cakephp 2.x
Hi rob, thanks for your answer, I already used that solution in some projects, but I thought that there was an acl solution to do it but as I see, there is no. Thank you, WhoDidIt is very interesting. Best regards On Tuesday, December 25, 2012 1:35:59 PM UTC+2, Rob M wrote: > > Hi Paulo: > To answer your first question: give everyone access to every post by > *not*checking to see who owns it in the Controller::index() and > Controller::view() methods. Give only the post's writer the ability to > edit/delete the post by checking first to see who owns it in the > Controller::edit() and Controller::delete() methods. With the > aforementioned WhoDidIt behavior we're talking about only one additional > line of controller code plus one additional condition: > $user = $this->Session->Read('Auth.User.id'); > > ...so in the Controller::delete() function (for example): > function delete($id = null) { > if (!$id) { > $this->Session->setFlash(__('Invalid id for Post')); > $this->redirect(array('action'=>'index')); > } > *$*user* = $this->Session->Read('Auth.User.id'); *// Only allow deletes > from user's own records > if (*$this->Post->field('created_by', array('id' => $id)) == $user* && > $this->Post->delete($id)) { > $this->Session->setFlash(__('Post deleted')); > } > $this->Session->setFlash(__('Post was not deleted')); > } > > To answer your second question: same idea. Check that the manager logged > in has access to the controller function on that hotel *in the > appropriate controller function*. > -Rob > > On Monday, December 24, 2012 6:12:02 PM UTC-5, Paulo Braga wrote: >> >> Hi Rob. Thanks for your answer, the behavior is very interesting. >> >> I think I did not express myself well, I dont want just to set that a >> user has only access to the posts he created. >> >> I want also to configure for example: >> >> We have hotels around a country from the same organization, so in each >> city there's a manager, and I want a manager to manage just the hotels in >> his city. but this hotels can be created by another user(admin), is it >> possible? I did it with isAuthorized() method, but it requires a lot of >> "code (ugly code)° :p >> >> Paulo >> >> On Monday, December 24, 2012 3:08:31 PM UTC+2, Rob M wrote: >>> >>> Hi Paulo: You are describing row-level access control, and I am doing >>> that with CakePHP 2.0 using a modified version of Daniel >>> Vecchiato's WhoDidIt Model Behavior ( >>> https://github.com/danfreak/4cakephp/tree/master/models/behaviors). >>> Then I check in the controller to see if the id in the table for the person >>> who created the record matches the id of the person who is trying to modify >>> it. - Rob >>> >>> On Sunday, December 23, 2012 4:01:28 PM UTC-5, Paulo Braga wrote: >>>> >>>> Hi people. >>>> >>>> I am using cakephp 2.x, and I am trying to build a system with group >>>> permissions, ok, I used Acl and Auth component without problem. >>>> >>>> Now I want to configure access to specific data. for example: >>>> >>>> we have a blog app, and we have users, posts, etc. >>>> an admin can do anything(no problems); >>>> a post is posted by a user. (some problems here); >>>> >>>> With acl I configured that admin group can do anything. and that user >>>> group can just do anything in posts(add, list, edit, delete). everything >>>> is >>>> working. >>>> >>>> But I dont want a user to edit,delete,list posts that were not created >>>> by him. >>>> >>>> I used to do it with the method isAuthorized(), but imagining a big >>>> app, I think it will be too hard to codify it. >>>> >>>> is there a "clean" way to do it??? >>>> >>>> -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Re: Access to specific data cakephp 2.x
Hi Rob. Thanks for your answer, the behavior is very interesting. I think I did not express myself well, I dont want just to set that a user has only access to the posts he created. I want also to configure for example: We have hotels around a country from the same organization, so in each city there's a manager, and I want a manager to manage just the hotels in his city. but this hotels can be created by another user(admin), is it possible? I did it with isAuthorized() method, but it requires a lot of "code (ugly code)° :p Paulo On Monday, December 24, 2012 3:08:31 PM UTC+2, Rob M wrote: > > Hi Paulo: You are describing row-level access control, and I am doing that > with CakePHP 2.0 using a modified version of Daniel Vecchiato's WhoDidIt > Model Behavior ( > https://github.com/danfreak/4cakephp/tree/master/models/behaviors). Then > I check in the controller to see if the id in the table for the person who > created the record matches the id of the person who is trying to modify it. > - Rob > > On Sunday, December 23, 2012 4:01:28 PM UTC-5, Paulo Braga wrote: >> >> Hi people. >> >> I am using cakephp 2.x, and I am trying to build a system with group >> permissions, ok, I used Acl and Auth component without problem. >> >> Now I want to configure access to specific data. for example: >> >> we have a blog app, and we have users, posts, etc. >> an admin can do anything(no problems); >> a post is posted by a user. (some problems here); >> >> With acl I configured that admin group can do anything. and that user >> group can just do anything in posts(add, list, edit, delete). everything is >> working. >> >> But I dont want a user to edit,delete,list posts that were not created by >> him. >> >> I used to do it with the method isAuthorized(), but imagining a big app, >> I think it will be too hard to codify it. >> >> is there a "clean" way to do it??? >> >> -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.
Access to specific data cakephp 2.x
Hi people. I am using cakephp 2.x, and I am trying to build a system with group permissions, ok, I used Acl and Auth component without problem. Now I want to configure access to specific data. for example: we have a blog app, and we have users, posts, etc. an admin can do anything(no problems); a post is posted by a user. (some problems here); With acl I configured that admin group can do anything. and that user group can just do anything in posts(add, list, edit, delete). everything is working. But I dont want a user to edit,delete,list posts that were not created by him. I used to do it with the method isAuthorized(), but imagining a big app, I think it will be too hard to codify it. is there a "clean" way to do it??? -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php?hl=en.