Re: Validate data md5
Thank you guys, this was really helpful Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Validate data md5
Right, but not everyone uses secure connection for user registration, and honestly I can't remember a single site which doesn't clear the password field on registration error. On Jun 5, 3:20 am, calvin cal...@rottenrecords.com wrote: I don't get that. I think that presents a false sense of security. It's best practice to use a secure connection whenever you're transmitting passwords. And if you're handling the request over secure http, then it doesn't matter if you send the password back to the user. On Jun 4, 10:08 am, vekija vedran.konto...@gmail.com wrote: When you have an error on the registration form, it is a best practice to clear the password value and force the user to renter that info. So, in the controller... if($this-User-save($this-data)) { // ... whatever you do after user had registered successfully} else { // ... there was an error $this-data['User']['password'] = null; } V On Jun 4, 4:21 pm, Chrriss polet...@wanadoo.fr wrote: Hi, I have a form to add a user and I use an md5 encryption when I save the password in the database. I use $validate to check if the email address is valid. If it's not, the form shows the data again with the error message but the password is not the right one in this case. It's the hashed password. So when I re-enter a valid email address, the password that is saved in the database is not the one I wanted! How can I do ? Thank you in advance! Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Validate data md5
When you have an error on the registration form, it is a best practice to clear the password value and force the user to renter that info. So, in the controller... if($this-User-save($this-data)) { // ... whatever you do after user had registered successfully } else { // ... there was an error $this-data['User']['password'] = null; } V On Jun 4, 4:21 pm, Chrriss polet...@wanadoo.fr wrote: Hi, I have a form to add a user and I use an md5 encryption when I save the password in the database. I use $validate to check if the email address is valid. If it's not, the form shows the data again with the error message but the password is not the right one in this case. It's the hashed password. So when I re-enter a valid email address, the password that is saved in the database is not the one I wanted! How can I do ? Thank you in advance! Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Validate data md5
If you don't want to reenter the password, you can use a different name for the password input. For instance: View: $this-Form-input('new_password', array('type' = 'password')); Controller: if(!empty($this-data['User']['new_password'])) { $this-data['User']['password'] = $this-Auth-password($this- data['User']['new_password']); } This way if your form is printed again, the field new_password is not hashed. Regards, nIcO On 4 juin, 19:08, vekija vedran.konto...@gmail.com wrote: When you have an error on the registration form, it is a best practice to clear the password value and force the user to renter that info. So, in the controller... if($this-User-save($this-data)) { // ... whatever you do after user had registered successfully} else { // ... there was an error $this-data['User']['password'] = null; } V On Jun 4, 4:21 pm, Chrriss polet...@wanadoo.fr wrote: Hi, I have a form to add a user and I use an md5 encryption when I save the password in the database. I use $validate to check if the email address is valid. If it's not, the form shows the data again with the error message but the password is not the right one in this case. It's the hashed password. So when I re-enter a valid email address, the password that is saved in the database is not the one I wanted! How can I do ? Thank you in advance! Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
Re: Validate data md5
I don't get that. I think that presents a false sense of security. It's best practice to use a secure connection whenever you're transmitting passwords. And if you're handling the request over secure http, then it doesn't matter if you send the password back to the user. On Jun 4, 10:08 am, vekija vedran.konto...@gmail.com wrote: When you have an error on the registration form, it is a best practice to clear the password value and force the user to renter that info. So, in the controller... if($this-User-save($this-data)) { // ... whatever you do after user had registered successfully} else { // ... there was an error $this-data['User']['password'] = null; } V On Jun 4, 4:21 pm, Chrriss polet...@wanadoo.fr wrote: Hi, I have a form to add a user and I use an md5 encryption when I save the password in the database. I use $validate to check if the email address is valid. If it's not, the form shows the data again with the error message but the password is not the right one in this case. It's the hashed password. So when I re-enter a valid email address, the password that is saved in the database is not the one I wanted! How can I do ? Thank you in advance! Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups CakePHP group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en