Re: Bcrypt / Blowfish login form troubles.
You need to configure auth component in a different way if you're using
Blowfish. Please see http://stackoverflow.com/a/14538958
On Sunday, April 7, 2013 11:32:52 PM UTC+1, Branson Lilburn wrote:
>
> I'm having the exact same problem. Here is BaseAuthenticate::_password()
> which is called in BaseAuthenticate::_findUser(). (If you do some tracing,
> starting at User->Auth->login(), you'll end up there).
>
> protected function _password($password) {
> return Security::hash($password, null, true);
> }
>
> As you can see, it doesn't provide the stored password for the third
> parameter. There is a class
> BlowfishAuthenticatethat
> I suspect solves this problem, but I haven't figured out how to
> implement it properly.
>
>
> On Sunday, April 7, 2013 1:13:53 PM UTC-5, Moawia wrote:
>>
>> Any help please !
>>
>> On Saturday, April 6, 2013 2:42:51 PM UTC+3, Moawia Almardoud wrote:
>>>
>>> Hi,
>>>
>>> I made the field varchar 250 ... but still no chance ...
>>>
>>> *Warning* (512): Invalid salt: 1 for blowfish Please visit
>>> http://www.php.net/crypt and read the appropriate section for building
>>> blowfish salts. [*CORE/Cake/Utility/Security.php*, line *278*]
>>>
>>>
>>> any got solution for this issue ?
>>>
>>>
>>> On Saturday, December 22, 2012 12:25:24 AM UTC+3, Stafford wrote:
Hello all,
I've been struggling with getting bcrypt/blowfish to work with my login
form and hope someone can point me in the right direction.
I have a registration and login form. I've got the registration form to
hash and store passwords using bcrypt in version 2.3. My hang up now is
that I can't find any info or documentation describing how to check a
login
password against the stored password.
Using User->Auth->login() generates an error. *"Invalid salt: for
blowfish".*
Ive used Security::setHash('blowfish') in my appController and
understand the use of Security::hash(pass_string, 'blowfish',
salted_string), but have no idea how to make this work with auth->login().
Is there a setting/config file I need to update to tell Auth to use
blowfish somehow?
I appreciate help.
Thank you.
>>>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cake-php+unsubscr...@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
Re: Bcrypt / Blowfish login form troubles.
I was having exactly the same issue, and by using the debug() function on
the variables used in the BlowfishAuthenticate class, I made the discovery
that my password field's length in my MySQL database table was too short.
I had been using 50 characters, but the Blowfish hashes are longer and by
comparing the hashes, I was missing about 8 chars. I increased the length
to 100 and tried creating new users and logging in and this appears to be
working now.
Also check that your user scope is set up in Auth and correct for each
user's record - that caught me out just now in testing :)
On Friday, 21 December 2012 21:25:24 UTC, Stafford wrote:
>
> Hello all,
>
> I've been struggling with getting bcrypt/blowfish to work with my login
> form and hope someone can point me in the right direction.
> I have a registration and login form. I've got the registration form to
> hash and store passwords using bcrypt in version 2.3. My hang up now is
> that I can't find any info or documentation describing how to check a login
> password against the stored password.
>
> Using User->Auth->login() generates an error. *"Invalid salt: for
> blowfish".*
> Ive used Security::setHash('blowfish') in my appController and understand
> the use of Security::hash(pass_string, 'blowfish', salted_string), but have
> no idea how to make this work with auth->login().
>
> Is there a setting/config file I need to update to tell Auth to use
> blowfish somehow?
>
> I appreciate help.
> Thank you.
>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cake-php+unsubscr...@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
Advice for building a simple CMS
I'm currently developing a CMS which aims to have the following base functionality: a) Auth component with admin routing setup b) Dynamic 'Pages' controller to load pages from the database rather than flat files c) A HTML helper to output navigation at a given level of the hierachy / breadcrumb nav in my views d) support for multiple websites Basically, I've coded a + b + d above and come up with a nice clean design, but now I've run into an issue. Previously when I've built CMS style apps, I've used the Tree behaviour with much success. However, It's possible that the CMS might power more than one site, which screws with the moveUp() and moveDown () methods for the tree behaviour. So I'm a bit lost now and was wondering: what is the best way to achieve unlimited, nested, dynamic, CMS- powered pages with the ability to change the order? I've read up on find all threaded in this group and in the book, which seems to give me the ability to create the nested page hierarchy I require, but what about reordering this data? I could cheat and order by page title, but to be honest, there will always be a client who won't want this :) Thanks in advance. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Going live with CakePHP 1.2
Hi, I wonder if anyone can help me? I've had this issue with CakePHP 1.2 and putting it onto a 'live' or 'staging' server. On my Dev server, which runs PHP 5.2.5, everything is just great. My staging server runs PHP 5.2.2. I've set things up in the following way on my staging server: /root /---cake_1.2 /---public_html -/app_name --/cake files and folders e.g. webroot My Cake app is set up to include the cake_1.2/cake folder and all the required libraries and classes. When I visit the site in a browser, it clearly works because it doesn't grumble about not finding core Cake files, but it produces an error like the following: Notice (8): Undefined property: AppController::$Property [APP/ app_controller.php, line 94] Fatal error: Call to a member function getInfo() on a non-object in / home/domain/public_html/app_name/app_controller.php on line 94 (I've just modified the fatal error above to give you a path which relates to the diagram above) Just to explain, the getInfo() function is a custom method inside one of my Models. Again, this works great locally. Upon someone's advice, I emptied the app_name/tmp folder which cleared a previous issue where paths had been cached. Lastly, all the files were uploaded from my local server via FTP. CakePHP and the project were baked on my local server originally. Any ideas would be brilliant! Thanks in advance, Rich --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Create a MySQL database with cakephp
Is there a way to do this in the model as it instantiates?
I had a dig through the API, but couldn't find anything similar to the
beforeFilter() controller method - does anything exist like that for
models?
Basically, I've love to be able to automatically create a table the
first time the controller gets requested :)
On Mar 17, 4:35 pm, "Juan Luis Baptiste" <[EMAIL PROTECTED]>
wrote:
> Hi Adam,
>
> On Thu, Mar 13, 2008 at 12:54 AM, Adam Royle <[EMAIL PROTECTED]> wrote:
>
> > In any of your models just use:
>
> > $this->query('CREATETABLEblah...');
>
> > You can also do the connection manager way...
>
> > $db = &ConnectionManager::getDataSource('default');
> > $result = $db->query('CREATETABLEblah...');
>
> That worked, thank you. Just another question, if the database that's
> being created already exists MySQL will throw up an error, is there a
> way to catch it ?
>
> Cheers,
> --
> Juan Luis Baptiste
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: email component - smtp auth (SOLVED?)
Seems like it would be better to change the default value to CRLF,
it's also used in header section where CRLF is mandatory too.
>From rfc821:
HELO
MAIL FROM:
RCPT TO:
DATA
On Nov 30, 12:33 pm, Gorka <[EMAIL PROTECTED]> wrote:
> Changed $this->_newLine from "\n" to "\r\n" and mail started to work.
> The CRLF thing applies to the whole email, and not just the ending
> "CRLF.CRLF"... I should have slept a bit more before reading the
> dmtplf doc!
>
> Anyway, if it is mandatory to end lines with CRLF and not just CR,
> shouldn't _newLine have a default value of CRLF?
>
> On 30 nov, 12:11, Gorka <[EMAIL PROTECTED]> wrote:
>
> > My fault... I was starting an SMTP connection on localhost, which is
> > of course whitelisted. Solved.
>
> > Still mail wasn't delivered, so I updated the email component to the
> > latest nightly build and now I'm getting a "451
> > Seehttp://pobox.com/~djb/docs/smtplf.html"; SMTP error. Before the update
> > the log file for qmail was showing the same error, but now Cake knows
> > it was rejected. Far as I can tell, though, the SMTP send code in
> > email component looks ok to me, ending the connection with a "LF.LF":
>
> > if (!$this->__sendData($this->__header . "\r\n" . $this->__message .
> > "\r\n\r\n\r\n.\r\n")) {
>
> > On 28 nov, 18:34, atomic <[EMAIL PROTECTED]> wrote:
>
> > > Just a quick guess:
> > > You are sending from a whitelistened ip and don't need to auth on your
> > > test system / on your testsystem SMTP Auth is disabled ?
>
> > > On Nov 28, 12:47 pm, Gorka <[EMAIL PROTECTED]> wrote:
>
> > > > In fact, on the test server I get a "503 You are already
> > > > authenticated" error message.
>
> > > > On 27 nov, 16:17, atomic <[EMAIL PROTECTED]> wrote:
>
> > > > > Afaik this fix is already comitted in the latest nightly builds.
> > > > > What do you mean with "they still don't seem to arrive".
>
> > > > > Is mail delivered correctly to your MTA but does not reach recipient ?
> > > > > Do you have access to MTA logs ?
>
> > > > > On Nov 26, 7:04 pm, Gorka <[EMAIL PROTECTED]> wrote:
>
> > > > > > I had this same issue, the server was responding "235 GO AHEAD" ans
> > > > > > not "OKauthenticated". This fixed the error on send, though emails
> > > > > > still don't seem to arrive.
>
> > > > > > On 29 oct, 21:35, atomic <[EMAIL PROTECTED]> wrote:
>
> > > > > > > I had some problems sending mail using smtp auth.
> > > > > > > MTA (postfix) always told me "lost connection after auth"
>
> > > > > > > Theemailcomponent is testing for "OKAuthenticated"
> > > > > > > which seems not RFC compliant to me, so i changend testing
> > > > > > > for return value into "235".
>
> > > > > > >email.php line 744:
> > > > > > > if (stristr($response, '235') === false)
>
> > > > > > > This should match most common used MTA.
>
> > > > > > > Regards,
> > > > > > > Andreas- Ocultar texto de la cita -
>
> > > > > - Mostrar texto de la cita -- Ocultar texto de la cita -
>
> > > - Mostrar texto de la cita -- Ocultar texto de la cita -
>
> > - Mostrar texto de la cita -
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: email component - smtp auth (SOLVED?)
Just a quick guess: You are sending from a whitelistened ip and don't need to auth on your test system / on your testsystem SMTP Auth is disabled ? On Nov 28, 12:47 pm, Gorka <[EMAIL PROTECTED]> wrote: > In fact, on the test server I get a "503 You are already > authenticated" error message. > > On 27 nov, 16:17, atomic <[EMAIL PROTECTED]> wrote: > > > Afaik this fix is already comitted in the latest nightly builds. > > What do you mean with "they still don't seem to arrive". > > > Is mail delivered correctly to your MTA but does not reach recipient ? > > Do you have access to MTA logs ? > > > On Nov 26, 7:04 pm, Gorka <[EMAIL PROTECTED]> wrote: > > > > I had this same issue, the server was responding "235 GO AHEAD" ans > > > not "OKauthenticated". This fixed the error on send, though emails > > > still don't seem to arrive. > > > > On 29 oct, 21:35, atomic <[EMAIL PROTECTED]> wrote: > > > > > I had some problems sending mail using smtp auth. > > > > MTA (postfix) always told me "lost connection after auth" > > > > > Theemailcomponent is testing for "OKAuthenticated" > > > > which seems not RFC compliant to me, so i changend testing > > > > for return value into "235". > > > > >email.php line 744: > > > > if (stristr($response, '235') === false) > > > > > This should match most common used MTA. > > > > > Regards, > > > > Andreas- Ocultar texto de la cita - > > > - Mostrar texto de la cita - --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: email component - smtp auth (SOLVED?)
Afaik this fix is already comitted in the latest nightly builds. What do you mean with "they still don't seem to arrive". Is mail delivered correctly to your MTA but does not reach recipient ? Do you have access to MTA logs ? On Nov 26, 7:04 pm, Gorka <[EMAIL PROTECTED]> wrote: > I had this same issue, the server was responding "235 GO AHEAD" ans > not "OK authenticated". This fixed the error on send, though emails > still don't seem to arrive. > > On 29 oct, 21:35, atomic <[EMAIL PROTECTED]> wrote: > > > I had some problems sending mail using smtp auth. > > MTA (postfix) always told me "lost connection after auth" > > > The email component is testing for "OK Authenticated" > > which seems not RFC compliant to me, so i changend testing > > for return value into "235". > > > email.php line 744: > > if (stristr($response, '235') === false) > > > This should match most common used MTA. > > > Regards, > > Andreas --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
email component - smtp auth (SOLVED?)
I had some problems sending mail using smtp auth. MTA (postfix) always told me "lost connection after auth" The email component is testing for "OK Authenticated" which seems not RFC compliant to me, so i changend testing for return value into "235". email.php line 744: if (stristr($response, '235') === false) This should match most common used MTA. Regards, Andreas --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
cake 1.2 input wrapper div and field validation error
Hi,
I was just wondering that field validation won't set an error class
for the wrapper div of an input field,
for highlightning the hole row or something like that.
So i changed in form.php from line 518 and following:
if(!empty($div)) {
$divOptions = array('class'=>'input');
if (is_string($div)) {
$divOptions['class'] = $div;
} elseif (is_array($div)) {
$divOptions = am($divOptions, $div);
}
if (in_array($this->field(), $this->fieldset['validates'])) {
$divOptions = $this->addClass($divOptions, 'required');
}
// here the magic happens
if ($this->tagIsInvalid()) {
$divOptions = $this->addClass($divOptions, 'form-error');
}
}
Did I miss something ?
Regards,
Andreas
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Strange validation behavior cake 1.2.x.x_19.06.2007
Hi toghether,
I have discovered some strange behavior while building a registration
component for my app. I have tried different cake versions and latest
nightly build.
Easy example for User Model:
var $validate = array(
'firstname' => VALID_NOT_EMPTY,
'lastname' => VALID_NOT_EMPTY,
'agb' => VALID_NOT_EMPTY
);
Registration Controller:
class RegistrationController extends AppController
{
var $name = "Registration";
var $uses = array('User');
function index()
{
if (!empty($this->data)) {
if ($this->User->create($this->data) && $this->User-
>validates()) {
$this->set('valid', true);
if ($this->User->save($this->data))
{
$this->flash('Your post has been saved.','/
posts');
}
}
}
else {
$this->render();
}
}
}
I was wondering that every time I tried to validate my post data
validation result is true.
My original view:
create('Registration', array('type' => 'post', 'url'
=> '/registration/')); ?>
Data is not validated and an empty row is insert into database.
If I change into
create('User', array('type' => 'post', 'url' => '/
registration/')); ?>
validation behaves correct. Saving data also.
I would expect if I post data[Registration][firstname] may it will not
be validated, ok my fault, but validation should detect that there is
no data[User][firstname] and abort saving? Any suggestions ?
Regards,
Andreas
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
