Yes, you should only hash if the field is actually submitted
So you need to change your callback code here according to the
documentation/cookbook.
And you should only submit the field if you actually want to set/change the
password
This said, it is wise to not include the field directly in the f
this is what i am experiencing, it rehashes the password.
did you find a solution to not rehash?
this image is kinda what id like to do, a simple check before hashing to
see if the same value was posted back. help appreciated much thanks ahead!
>
--
Like Us on FaceBook https://www.facebook.
I am also having an issue with sessions, and I'm very frequently being
asked to log back in.
Configure::write('Session', array(
'defaults' => 'database',
'ini' => array(
'session.cookie_secure' => false
)
));
Configure::write('Security.level', 'med
I am also noticing this problem a lot in 2.0, did either of you get to the
bottom of it?
It seems to be worse when multiple users are logging into the system at
once, even when logging in with different users (does cake prevent
concurrent logins with same account?)
Regards, Paul.
--
Our ne
I also experienced quite an amount of unexpected logouts in 2.0 now.
To make sure it is not the garbage collector of the file system I
switched to "database".
There no garbage collector should interfere as long as expires is not
reached (which is several days).
But the systems logs the user out aft
ssing your statement I think this is a good design how it is now in 2.0.
From: cake-php@googlegroups.com [mailto:cake-php@googlegroups.com] On Behalf
Of Jeremy Burns | Class Outfit
Sent: Wednesday, July 27, 2011 2:55 PM
To: cake-php@googlegroups.com
Subject: Re: CakePHP 2.0 Auth not hashin
On Jul 27, 2:55 pm, Jeremy Burns | Class Outfit
wrote:
> Yup, I get that. I was merely raising the possibility of an already hashed
> password getting hashed again. What's the advice for telling whether or not a
> password has already been hashed?
dont include the password in any updates exce
Yup, I get that. I was merely raising the possibility of an already hashed
password getting hashed again. What's the advice for telling whether or not a
password has already been hashed?
Jeremy Burns
Class Outfit
http://www.classoutfit.com
On 27 Jul 2011, at 19:40, Ceeram wrote:
> This is men
This is mentioned in the migration guide, Auth doesnt auto hash your
passwords anymore, you need to handle that manually in 2.0 . It was very
confusing for new users to have the passwords auto hashed.
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check ou
Just a thought. If you have dragged the whole user record back that includes
the hashed password and is then included in an array as part of a save function
even if it hasn't been changed, will this beforeSave function not rehash the
already hashed password?
Jeremy Burns
Class Outfit
http://ww
or simply use a behavior:
https://github.com/dereuromark/tools/blob/master/models/behaviors/change_password.php
this is still cake1.3 though :)
On 27 Jul., 04:18, "Meroe Kush" wrote:
> Disregard my last post please.
>
> As soon as I hit send I found this:
>
> Hashing passwords
>
> AuthCompo
11 matches
Mail list logo