Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
Actually the problem is that if i DO call parent::beforeFilter() the
application does not work.
The only way the application is working as it should is by NOT calling
parent::beforeFilter()
My before filter function with only $this-Auth-allow('index'); in
it, lets everything work as intended, index doesn't require a password
and add and edit work just fine. Note the fact again that this only
happens if I DONT call parent:beforeFilter() which shouldn't be the
case in my opinion.
That's where my problem lies in trying to understand if this is a bug
or i'm missing something else.
The only place I'm calling parent:beforeFilter() is under the users
controller so that my custom made hashing function allows people to
log in. But if I call it anywhere else, then Add and Edit do not work
properly and you never get into the ADD and Edit forms even though you
are logged in.
Any ideas?
On Sep 26, 2:54 am, Dr. Loboto drlob...@gmail.com wrote:
If all your problems was because of forgotten parent::beforeFilter()
call it is only your problem, not cake one.
On Sep 26, 12:38 am, gparra gpa...@gmail.com wrote:
Does anyone have a good sense of whether this is could be considered a
bug and if so, how can i submit it as one to the CakePhp community?
My code works how I want it to work, but it certainly doesn't look
like what I think CakePhp intended, I don't want to build my whole
site using it and one day have to change everything when an update of
CakePhp breaks it all.
I'd rather submitt a bug, track it, help if i can and make sure it
works as intended in the future versions.
I'll appreciate any comments.
Thank you.
On Sep 17, 11:56 pm, gparra gpa...@gmail.com wrote:
Oh, by the way, I realized afterwards.
Make sure you users_controller either doesn't have a beforeFilter()
function or if it does, it calls parent::beforeFilter() as the first
thing it does. Otherwise you won't be able to login or out with the
custom hash in the model. (I know this makes it even more confusing to
figure out how the whole thing is working, but at least it is, and
that's really where I wanted it to be in the first place.)
On Sep 17, 11:41 pm, gparra gpa...@gmail.com wrote:
Ok, so basically I left it working as intended, but I'm not sure this
is the way CakePHP intended for me to write it so it would work.
I tried removing isAuthorized and that made any controller without a
beforeFilter() function claiming for a definition of isAuthorized.
I tried four different controllers with the above mentioned
app_controller:
1. No before filter function - Everything is accessible without a
password, but add and edit don't send you to the form, put you back on
index displaying the flash The controller has been saved
2. Before filter function with:
function beforeFilter(){
parent::beforeFilter();
$this-Auth-allow('index');
}
In this case, nothing requires a login and Add and Edit behave the
same way as with 1.
3. Before filter function with only $this-Auth-allow('index'); -
Here everything works as intended, index doesn't require a password
and add and edit work just fine. Note the fact again that this only
happens if I DONT call parent:beforeFilter()
4. Empty beforeFilter() function - Everything requires a password
(even though the app_controller says allow('*'), but after the
password is entered, everything behaves as it should.
Thus since i was uncomfortable with the fact that my solution combined
an allow('*') in the app_controller with an empty beforeFilter()
function, i decided to try allow('display') again and combined it with
number 3 above. This way It would at least make sense that everything
would require a password except for index and display, even though not
calling parent::beforeFilter() wasn't being called.
And that worked. so my final combination 'weird solution' looks like
this:
app_controller:
?php
class AppController extends Controller {
var $components = array('Auth');
function beforeFilter() {
Security::setHash('md5');
$this-Auth-authenticate = ClassRegistry::init('User');
$this-Auth-fields = array(
'username' = 'name',
'password' = 'pass',
);
$this-Auth-loginAction = array('controller' = 'users',
'action' = 'login');
$this-Auth-loginRedirect = array('controller' = 'pages',
'action' = 'display', 'home');
$this-Auth-allow('display');
$this-Auth-authorize = 'controller';
}
function isAuthorized() {
return true;
}}
?
controller before filter:
function beforeFilter(){
$this-Auth-allow('index');
}
User model hashpasswords:
function hashPasswords($data
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
Does anyone have a good sense of whether this is could be considered a
bug and if so, how can i submit it as one to the CakePhp community?
My code works how I want it to work, but it certainly doesn't look
like what I think CakePhp intended, I don't want to build my whole
site using it and one day have to change everything when an update of
CakePhp breaks it all.
I'd rather submitt a bug, track it, help if i can and make sure it
works as intended in the future versions.
I'll appreciate any comments.
Thank you.
On Sep 17, 11:56 pm, gparra gpa...@gmail.com wrote:
Oh, by the way, I realized afterwards.
Make sure you users_controller either doesn't have a beforeFilter()
function or if it does, it calls parent::beforeFilter() as the first
thing it does. Otherwise you won't be able to login or out with the
custom hash in the model. (I know this makes it even more confusing to
figure out how the whole thing is working, but at least it is, and
that's really where I wanted it to be in the first place.)
On Sep 17, 11:41 pm, gparra gpa...@gmail.com wrote:
Ok, so basically I left it working as intended, but I'm not sure this
is the way CakePHP intended for me to write it so it would work.
I tried removing isAuthorized and that made any controller without a
beforeFilter() function claiming for a definition of isAuthorized.
I tried four different controllers with the above mentioned
app_controller:
1. No before filter function - Everything is accessible without a
password, but add and edit don't send you to the form, put you back on
index displaying the flash The controller has been saved
2. Before filter function with:
function beforeFilter(){
parent::beforeFilter();
$this-Auth-allow('index');
}
In this case, nothing requires a login and Add and Edit behave the
same way as with 1.
3. Before filter function with only $this-Auth-allow('index'); -
Here everything works as intended, index doesn't require a password
and add and edit work just fine. Note the fact again that this only
happens if I DONT call parent:beforeFilter()
4. Empty beforeFilter() function - Everything requires a password
(even though the app_controller says allow('*'), but after the
password is entered, everything behaves as it should.
Thus since i was uncomfortable with the fact that my solution combined
an allow('*') in the app_controller with an empty beforeFilter()
function, i decided to try allow('display') again and combined it with
number 3 above. This way It would at least make sense that everything
would require a password except for index and display, even though not
calling parent::beforeFilter() wasn't being called.
And that worked. so my final combination 'weird solution' looks like
this:
app_controller:
?php
class AppController extends Controller {
var $components = array('Auth');
function beforeFilter() {
Security::setHash('md5');
$this-Auth-authenticate = ClassRegistry::init('User');
$this-Auth-fields = array(
'username' = 'name',
'password' = 'pass',
);
$this-Auth-loginAction = array('controller' = 'users',
'action' = 'login');
$this-Auth-loginRedirect = array('controller' = 'pages',
'action' = 'display', 'home');
$this-Auth-allow('display');
$this-Auth-authorize = 'controller';
}
function isAuthorized() {
return true;
}}
?
controller before filter:
function beforeFilter(){
$this-Auth-allow('index');
}
User model hashpasswords:
function hashPasswords($data) {
$data['User']['pass'] = md5($data['User']['pass']);
return $data;
}
This allows me to move forward with an authenticated app that allows
index without credentials and lets me leave everything else working as
it should.
The downside is that if this is a bug I'm going to have to re-write
all the stuff once it gets fixed and that will be a big pain since I
have to put either and empty beforeFilter() function or one with the
allow index in every single controller I need to have authentication.
I hope my solution helps someone else in the future, or is at least
used for debugging of Cake. If I'm wrong though and I'm doing
something silly that is making me have this not so nice behavior I'll
be happy to swallow my words and venerate CakePHP accordingly so
please let me know if I am!
Thank you!
On Sep 17, 9:41 am, gparra gpa...@gmail.com wrote:
I'll give the authorize thing a try again, although I didn't have it
in the previous version, I don't think it will make a difference.
I did read a lot about whether to use the salt or not, for other
things rather than just the password hashing and Cake doesn't only use
it for the password hashing but also for other things, like cookies I
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
Ok, so basically I left it working as intended, but I'm not sure this
is the way CakePHP intended for me to write it so it would work.
I tried removing isAuthorized and that made any controller without a
beforeFilter() function claiming for a definition of isAuthorized.
I tried four different controllers with the above mentioned
app_controller:
1. No before filter function - Everything is accessible without a
password, but add and edit don't send you to the form, put you back on
index displaying the flash The controller has been saved
2. Before filter function with:
function beforeFilter(){
parent::beforeFilter();
$this-Auth-allow('index');
}
In this case, nothing requires a login and Add and Edit behave the
same way as with 1.
3. Before filter function with only $this-Auth-allow('index'); -
Here everything works as intended, index doesn't require a password
and add and edit work just fine. Note the fact again that this only
happens if I DONT call parent:beforeFilter()
4. Empty beforeFilter() function - Everything requires a password
(even though the app_controller says allow('*'), but after the
password is entered, everything behaves as it should.
Thus since i was uncomfortable with the fact that my solution combined
an allow('*') in the app_controller with an empty beforeFilter()
function, i decided to try allow('display') again and combined it with
number 3 above. This way It would at least make sense that everything
would require a password except for index and display, even though not
calling parent::beforeFilter() wasn't being called.
And that worked. so my final combination 'weird solution' looks like
this:
app_controller:
?php
class AppController extends Controller {
var $components = array('Auth');
function beforeFilter() {
Security::setHash('md5');
$this-Auth-authenticate = ClassRegistry::init('User');
$this-Auth-fields = array(
'username' = 'name',
'password' = 'pass',
);
$this-Auth-loginAction = array('controller' = 'users',
'action' = 'login');
$this-Auth-loginRedirect = array('controller' = 'pages',
'action' = 'display', 'home');
$this-Auth-allow('display');
$this-Auth-authorize = 'controller';
}
function isAuthorized() {
return true;
}
}
?
controller before filter:
function beforeFilter(){
$this-Auth-allow('index');
}
User model hashpasswords:
function hashPasswords($data) {
$data['User']['pass'] = md5($data['User']['pass']);
return $data;
}
This allows me to move forward with an authenticated app that allows
index without credentials and lets me leave everything else working as
it should.
The downside is that if this is a bug I'm going to have to re-write
all the stuff once it gets fixed and that will be a big pain since I
have to put either and empty beforeFilter() function or one with the
allow index in every single controller I need to have authentication.
I hope my solution helps someone else in the future, or is at least
used for debugging of Cake. If I'm wrong though and I'm doing
something silly that is making me have this not so nice behavior I'll
be happy to swallow my words and venerate CakePHP accordingly so
please let me know if I am!
Thank you!
On Sep 17, 9:41 am, gparra gpa...@gmail.com wrote:
I'll give the authorize thing a try again, although I didn't have it
in the previous version, I don't think it will make a difference.
I did read a lot about whether to use the salt or not, for other
things rather than just the password hashing and Cake doesn't only use
it for the password hashing but also for other things, like cookies I
believe. So I rather keep using the Cake salt, just not for password
hashing.
I will give it a shot removing it from the core config and removing my
own hashpassword function. Just to see if I get the right behavior.
I'm pretty confused at the last thing though. Empty beforeFilter()
functions make the controllers behave as intended? that's just
weird :)
And everything else does look correct.
Will give the authorize and salt thing a try tonight, I won't be able
to work on it until late today.
Maybe the session is confusing the salt when opening an add or edit
function and spitting me out straight to The controller has been
saved. (Which would be a bug since if there's problems with the salt
and its not letting me into the add or edit form, the flash should say
something like Cannot add controller or Cannot edit controller
instead of the message I'm getting.
Thanks.
On Sep 17, 9:17 am, Miles J mileswjohn...@gmail.com wrote:
Try removing the isAuthorized, especially if there is no logic in it.
That may be the problem, not sure. Everything else looks correct
though.
Also, if you want to use md5() hashing but not use a salt, just set
the salt to empty in the core config
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
One thing I forgot (actually realized after I posted)
Don't forget to put in your users controller the following beforeFilter
() so you can login and out of the apps :)
function beforeFilter() {
$this-Auth-allow('login','logout');
}
On Sep 17, 11:41 pm, gparra gpa...@gmail.com wrote:
Ok, so basically I left it working as intended, but I'm not sure this
is the way CakePHP intended for me to write it so it would work.
I tried removing isAuthorized and that made any controller without a
beforeFilter() function claiming for a definition of isAuthorized.
I tried four different controllers with the above mentioned
app_controller:
1. No before filter function - Everything is accessible without a
password, but add and edit don't send you to the form, put you back on
index displaying the flash The controller has been saved
2. Before filter function with:
function beforeFilter(){
parent::beforeFilter();
$this-Auth-allow('index');
}
In this case, nothing requires a login and Add and Edit behave the
same way as with 1.
3. Before filter function with only $this-Auth-allow('index'); -
Here everything works as intended, index doesn't require a password
and add and edit work just fine. Note the fact again that this only
happens if I DONT call parent:beforeFilter()
4. Empty beforeFilter() function - Everything requires a password
(even though the app_controller says allow('*'), but after the
password is entered, everything behaves as it should.
Thus since i was uncomfortable with the fact that my solution combined
an allow('*') in the app_controller with an empty beforeFilter()
function, i decided to try allow('display') again and combined it with
number 3 above. This way It would at least make sense that everything
would require a password except for index and display, even though not
calling parent::beforeFilter() wasn't being called.
And that worked. so my final combination 'weird solution' looks like
this:
app_controller:
?php
class AppController extends Controller {
var $components = array('Auth');
function beforeFilter() {
Security::setHash('md5');
$this-Auth-authenticate = ClassRegistry::init('User');
$this-Auth-fields = array(
'username' = 'name',
'password' = 'pass',
);
$this-Auth-loginAction = array('controller' = 'users',
'action' = 'login');
$this-Auth-loginRedirect = array('controller' = 'pages',
'action' = 'display', 'home');
$this-Auth-allow('display');
$this-Auth-authorize = 'controller';
}
function isAuthorized() {
return true;
}}
?
controller before filter:
function beforeFilter(){
$this-Auth-allow('index');
}
User model hashpasswords:
function hashPasswords($data) {
$data['User']['pass'] = md5($data['User']['pass']);
return $data;
}
This allows me to move forward with an authenticated app that allows
index without credentials and lets me leave everything else working as
it should.
The downside is that if this is a bug I'm going to have to re-write
all the stuff once it gets fixed and that will be a big pain since I
have to put either and empty beforeFilter() function or one with the
allow index in every single controller I need to have authentication.
I hope my solution helps someone else in the future, or is at least
used for debugging of Cake. If I'm wrong though and I'm doing
something silly that is making me have this not so nice behavior I'll
be happy to swallow my words and venerate CakePHP accordingly so
please let me know if I am!
Thank you!
On Sep 17, 9:41 am, gparra gpa...@gmail.com wrote:
I'll give the authorize thing a try again, although I didn't have it
in the previous version, I don't think it will make a difference.
I did read a lot about whether to use the salt or not, for other
things rather than just the password hashing and Cake doesn't only use
it for the password hashing but also for other things, like cookies I
believe. So I rather keep using the Cake salt, just not for password
hashing.
I will give it a shot removing it from the core config and removing my
own hashpassword function. Just to see if I get the right behavior.
I'm pretty confused at the last thing though. Empty beforeFilter()
functions make the controllers behave as intended? that's just
weird :)
And everything else does look correct.
Will give the authorize and salt thing a try tonight, I won't be able
to work on it until late today.
Maybe the session is confusing the salt when opening an add or edit
function and spitting me out straight to The controller has been
saved. (Which would be a bug since if there's problems with the salt
and its not letting me into the add or edit form, the flash should say
something like Cannot add controller or Cannot edit
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
Oh, by the way, I realized afterwards.
Make sure you users_controller either doesn't have a beforeFilter()
function or if it does, it calls parent::beforeFilter() as the first
thing it does. Otherwise you won't be able to login or out with the
custom hash in the model. (I know this makes it even more confusing to
figure out how the whole thing is working, but at least it is, and
that's really where I wanted it to be in the first place.)
On Sep 17, 11:41 pm, gparra gpa...@gmail.com wrote:
Ok, so basically I left it working as intended, but I'm not sure this
is the way CakePHP intended for me to write it so it would work.
I tried removing isAuthorized and that made any controller without a
beforeFilter() function claiming for a definition of isAuthorized.
I tried four different controllers with the above mentioned
app_controller:
1. No before filter function - Everything is accessible without a
password, but add and edit don't send you to the form, put you back on
index displaying the flash The controller has been saved
2. Before filter function with:
function beforeFilter(){
parent::beforeFilter();
$this-Auth-allow('index');
}
In this case, nothing requires a login and Add and Edit behave the
same way as with 1.
3. Before filter function with only $this-Auth-allow('index'); -
Here everything works as intended, index doesn't require a password
and add and edit work just fine. Note the fact again that this only
happens if I DONT call parent:beforeFilter()
4. Empty beforeFilter() function - Everything requires a password
(even though the app_controller says allow('*'), but after the
password is entered, everything behaves as it should.
Thus since i was uncomfortable with the fact that my solution combined
an allow('*') in the app_controller with an empty beforeFilter()
function, i decided to try allow('display') again and combined it with
number 3 above. This way It would at least make sense that everything
would require a password except for index and display, even though not
calling parent::beforeFilter() wasn't being called.
And that worked. so my final combination 'weird solution' looks like
this:
app_controller:
?php
class AppController extends Controller {
var $components = array('Auth');
function beforeFilter() {
Security::setHash('md5');
$this-Auth-authenticate = ClassRegistry::init('User');
$this-Auth-fields = array(
'username' = 'name',
'password' = 'pass',
);
$this-Auth-loginAction = array('controller' = 'users',
'action' = 'login');
$this-Auth-loginRedirect = array('controller' = 'pages',
'action' = 'display', 'home');
$this-Auth-allow('display');
$this-Auth-authorize = 'controller';
}
function isAuthorized() {
return true;
}}
?
controller before filter:
function beforeFilter(){
$this-Auth-allow('index');
}
User model hashpasswords:
function hashPasswords($data) {
$data['User']['pass'] = md5($data['User']['pass']);
return $data;
}
This allows me to move forward with an authenticated app that allows
index without credentials and lets me leave everything else working as
it should.
The downside is that if this is a bug I'm going to have to re-write
all the stuff once it gets fixed and that will be a big pain since I
have to put either and empty beforeFilter() function or one with the
allow index in every single controller I need to have authentication.
I hope my solution helps someone else in the future, or is at least
used for debugging of Cake. If I'm wrong though and I'm doing
something silly that is making me have this not so nice behavior I'll
be happy to swallow my words and venerate CakePHP accordingly so
please let me know if I am!
Thank you!
On Sep 17, 9:41 am, gparra gpa...@gmail.com wrote:
I'll give the authorize thing a try again, although I didn't have it
in the previous version, I don't think it will make a difference.
I did read a lot about whether to use the salt or not, for other
things rather than just the password hashing and Cake doesn't only use
it for the password hashing but also for other things, like cookies I
believe. So I rather keep using the Cake salt, just not for password
hashing.
I will give it a shot removing it from the core config and removing my
own hashpassword function. Just to see if I get the right behavior.
I'm pretty confused at the last thing though. Empty beforeFilter()
functions make the controllers behave as intended? that's just
weird :)
And everything else does look correct.
Will give the authorize and salt thing a try tonight, I won't be able
to work on it until late today.
Maybe the session is confusing the salt when opening an add or edit
function and spitting me out straight to The controller has been
saved
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
I do need my own hashing just because my legacy user database has md5
passwords without a prepended salt. My new hashing method doesn't
include the CakePHP salt and allows people to log in with the same
accounts they had before.
I'll give allow('*') a try in a bit.
Thanks.
On Sep 16, 11:09 pm, Miles J mileswjohn...@gmail.com wrote:
You don't need your own hashing method if you put: Security::setHash
('md5'); That does the same thing as your custom method.
What happens when you do allow('*');
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
Ok so this is odd at the very least, or it just doesn't make sense
according to the documentation.
My new app_controller has the allow('*') in it.
Every controller has no beforeFilter() function. except for 2.
One controller has an empty beforeFilter() function, no
parent::beforeFilter() in it. And it works just as intended! requires
login for every action (even though app_controller says allow('*'))
The other controller has a beforeFilter() function like this:
function beforeFilter(){
parent::beforeFilter();
$this-Auth-allow('index');
}
And Add and Edit remain broken, every time you click on them it tells
you the controller has been saved.
All the other controllers without beforeFilter() function remain
broken as well, they don't require login but Add and Edit are still
broken (Lets remember if i take out app_controller everything works
fine, just without login)
So right now, my solution is to include empty beforeFilter() functions
on every controller and keep my app_controller as listed above?
Sounds a bit like a waste of code and something that could break in a
future update of Cake. Any ideas? does this sound like a bug or am I
still doing something wrong?
@Miles J, thanks for the help! I was kind of frustrated and couldn't
even begging to think about how to find working alternatives, with
your suggestion I kind of stumbled upon one, that shouldn't really
work hah.
Still looking for a 'proper' solution though. Keep the ideas coming.
On Sep 16, 11:09 pm, Miles J mileswjohn...@gmail.com wrote:
You don't need your own hashing method if you put: Security::setHash
('md5'); That does the same thing as your custom method.
What happens when you do allow('*');
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
Oops. Forgot to paste my new version of the app_controller:
?php
class AppController extends Controller {
var $components = array('Auth');
function beforeFilter() {
Security::setHash('md5');
$this-Auth-authenticate = ClassRegistry::init('User');
$this-Auth-fields = array(
'username' = 'name',
'password' = 'pass',
);
$this-Auth-loginAction = array('controller' = 'users',
'action' = 'login');
$this-Auth-loginRedirect = array('controller' = 'pages',
'action' = 'display', 'home');
$this-Auth-allow('*');
$this-Auth-authorize = 'controller';
}
function isAuthorized() {
return true;
}
}
?
On Sep 17, 8:40 am, gparra gpa...@gmail.com wrote:
Ok so this is odd at the very least, or it just doesn't make sense
according to the documentation.
My new app_controller has the allow('*') in it.
Every controller has no beforeFilter() function. except for 2.
One controller has an empty beforeFilter() function, no
parent::beforeFilter() in it. And it works just as intended! requires
login for every action (even though app_controller says allow('*'))
The other controller has a beforeFilter() function like this:
function beforeFilter(){
parent::beforeFilter();
$this-Auth-allow('index');
}
And Add and Edit remain broken, every time you click on them it tells
you the controller has been saved.
All the other controllers without beforeFilter() function remain
broken as well, they don't require login but Add and Edit are still
broken (Lets remember if i take out app_controller everything works
fine, just without login)
So right now, my solution is to include empty beforeFilter() functions
on every controller and keep my app_controller as listed above?
Sounds a bit like a waste of code and something that could break in a
future update of Cake. Any ideas? does this sound like a bug or am I
still doing something wrong?
@Miles J, thanks for the help! I was kind of frustrated and couldn't
even begging to think about how to find working alternatives, with
your suggestion I kind of stumbled upon one, that shouldn't really
work hah.
Still looking for a 'proper' solution though. Keep the ideas coming.
On Sep 16, 11:09 pm, Miles J mileswjohn...@gmail.com wrote:
You don't need your own hashing method if you put: Security::setHash
('md5'); That does the same thing as your custom method.
What happens when you do allow('*');
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
I'll give the authorize thing a try again, although I didn't have it in the previous version, I don't think it will make a difference. I did read a lot about whether to use the salt or not, for other things rather than just the password hashing and Cake doesn't only use it for the password hashing but also for other things, like cookies I believe. So I rather keep using the Cake salt, just not for password hashing. I will give it a shot removing it from the core config and removing my own hashpassword function. Just to see if I get the right behavior. I'm pretty confused at the last thing though. Empty beforeFilter() functions make the controllers behave as intended? that's just weird :) And everything else does look correct. Will give the authorize and salt thing a try tonight, I won't be able to work on it until late today. Maybe the session is confusing the salt when opening an add or edit function and spitting me out straight to The controller has been saved. (Which would be a bug since if there's problems with the salt and its not letting me into the add or edit form, the flash should say something like Cannot add controller or Cannot edit controller instead of the message I'm getting. Thanks. On Sep 17, 9:17 am, Miles J mileswjohn...@gmail.com wrote: Try removing the isAuthorized, especially if there is no logic in it. That may be the problem, not sure. Everything else looks correct though. Also, if you want to use md5() hashing but not use a salt, just set the salt to empty in the core config. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Setting up Auth is breaking my Add and Edit functions on all controllers.
Hi.
I'm not sure what the problem is, I setup Auth in the app_controller,
and now every time (after logging in) i try to add or edit, I'm sent
directly back to the index with a message (flash) that says The
(Controller) has been saved without letting me enter any fields.
Am I missing adding some auth code to the views? Do I need to add the
parent::beforeFilter(); to every controller even if they don't have a
beforeFilter() function defined?
Here's what I added to the app_controller:
?php
class AppController extends Controller {
var $components = array('Auth');
function beforeFilter() {
Security::setHash('md5');
// this is part of cake that serves up static pages, it should be
authorized by default
$this-Auth-allow('display');
// tell cake to look on the user model itself for the password
hashing function
$this-Auth-authenticate = ClassRegistry::init('User');
// tell cake where our credentials are on the User entity
$this-Auth-fields = array(
'username' = 'name',
'password' = 'pass',
);
// this is where we want to go after a login... we'll want to
make this dynamic at some point
$this-Auth-loginRedirect = array('controller'='partners',
'action'='index');
}
}
?
This is what I added to one of my controllers: (every other controller
was fully working without auth before with add, edit, view, index and
del.
function beforeFilter(){
$this-Auth-allow('add','index');
parent::beforeFilter();
}
Any ideas are welcome. Thank you!
Germán.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Re: Setting up Auth is breaking my Add and Edit functions on all controllers.
Yeah within the User model I have the following:
function hashPasswords($data) {
$data['User']['pass'] = md5($data['User']['pass']);
return $data;
}
I tried moving up the parent::beforeFilter(); but still had the same
issue.
On the other hand most of my controllers don't have any beforeFilter()
function defined as I didn't want to allow public access to any of
their functions.
So if I remove the beforeFilter() function altogether from the
controllers, shouldn't everything still work?
So far if I just remove app_controller from my controller folder
everything goes back to normal but I have no authentication :(
Any other ideas?
Thanks for the reply by the way.
On Sep 16, 8:41 pm, Miles J mileswjohn...@gmail.com wrote:
So do you have your own hashing method for $this-Auth-authenticate?
Also your problem is, is that parent::beforeFilter() must be run first.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
CakePHP group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
Set the timestamp to current server time manually...
Hi, I realize this question may be fairly easy to answer, but I just haven't managed to get a clear understanding of how to do it through the documentation or google search. I settled by using the database convention of naming my date field to 'created' as a datetime field in the database and in the model. This way, when I save it stores the current timestamp. However I'd like to know if there's a way I can manually set the timestamp using the Time helper or another time/date function in cakephp. Couldn't find anything similar online, I'd appreciate any comments. The idea is to do something like this in the controller: $this-data[Visit].['date'] = timestamp()* (I realize this could take any shape or form, please suggest the simplest most cakephp framework centric alternative). Thanks! German. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
