For 1) I'm not sure if we should be doing that either but I know I'm doing it for the same reason you are... :-)
----- Original Message ----- From: "BeanDog" <[EMAIL PROTECTED]> To: "CakePHP" <cake-php@googlegroups.com> Sent: Thursday, September 25, 2008 7:33 PM Subject: Auth component - enforcing password strength and password confirmation entry > > I've figured out a pretty clean way to make a user registration form > that validates a password confirmation and password strength, without > extending the Auth component or any other trickery. > > I wanted some feedback. First, should I be using value=>'' on the > password and password2 form elements? If I don't it seems to fill in > those boxes with the hash and plaintext password (respectively). > Second, how do my validation functions look? They're my first attempt > at custom validation. They seem to work OK. > > Here's my register view: > > <h1>Register</h1> > <?php > echo $form->create('User', array('action' => 'register')); > echo $form->input('username'); > echo $form->input('password', array('value'=>'')); > echo $form->input('password2', array('label'=>'Repeat Password', > 'type'=>'password', 'value'=>'')); > > echo $form->input('first_name'); > echo $form->input('last_name'); > echo $form->input('email'); > > echo $form->end('Register'); > ?> > > > > Here's my user model: > > <?php > App::import(array('Security')); > > class User extends AppModel { > var $validate = array( > 'email' => 'email', > 'first_name' => array( > 'rule' => array('minLength', 1) > ), > 'last_name' => array( > 'rule' => array('minLength', 1) > ), > 'username' => array( > 'rule' => array('minLength', 4) > ), > 'password' => array( > 'rule' => array('CheckPassword'), > 'message' => 'At least 6 characters' > ), > 'password2' => array( > 'rule' => array('CheckPasswordMatch'), > 'message' => 'Passwords did not match' > ) > ); > > function CheckPassword($data) { > if(!isset($this->data['User']['password2'])) > return true; //Only confirm password strength if we're collecting a > new password (i.e. password2 is set). > return strlen($this->data['User']['password2']) >= 6; > } > function CheckPasswordMatch($data) { > return $this->data['User']['password'] == Security::hash($this- >>data['User']['password2'], null, true); > } > } > ?> > > > > And my user controller: > > <?php > class UsersController extends AppController { > var $components = array('Auth'); > > function beforeFilter() { > $this->Auth->allow('register'); > } > > /** > * The AuthComponent provides the needed functionality > * for login, so you can leave this function blank. > */ > function login() { > } > > function logout() { > $this->redirect($this->Auth->logout()); > } > > > function register() { > if($this->data) { > if ($this->User->save($this->data)) { > $this->flash('Your account has been created.', '/users/login'); > } > } > } > } > ?> > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---