
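I am developing my first CakePHP application. Authentication and basic validation work fine.

I made some modifications on the user's private page, where personal data is displayed; I made it possible to edit the data with jQuery + jEditable, and it works perfectly.

My problem is when I change, for example, the e-mail to a bad one, I mean "someone@.com" or "somone.com@asdf.com". So I think that when I modify the data in place, my application cannot use the "validation".

I would like validation on all fields: not empty, correct e-mail syntax, and a new password and password confirmation with md5 hash generation.

You will see that everything works except the password; I do not know how to do it with a confirmation field and md5 hash generation.

I would appreciate it if you could help me a little, I am a newbie.

I would also like to know about the security of this; what do I need to pay attention to?

Here is the code:

UsersController.php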

    public function in_place_editing($id = null) {
        if (!$id) {
            return;
        }

        if ($this->request->data) {
            // Get all the fields with their values (there should be only one, but anyway ...)
            foreach ($this->request->data['User'] as $field => $value) {
                // Check that the provided field name is acceptable
                switch ($field) {
                    case 'email':
                    case 'postcode':
                    case 'city':
                    case 'address':
                    case 'phone':
                        break;
                    default:
                        $this->set('updated_value', '');
                        return;
                }

                $this->User->id = $id;
                // saveField() writes a single column; it does not validate by default
                $this->User->saveField($field, $value);
                $this->set('updated_value', $value);
                $this->beforeRender();
                $this->layout = 'ajax';
            }
        }
    }

index.ctp (this is the private data page)

<h2>Personal details</h2>
<table cellpadding="0" cellspacing="0">
    <tr>
            <td>Name</td>
            <td><?php echo h($userdata[0]['User']['name']); // h() escapes stored user data for HTML output ?></td>
            </tr>
            <tr>
            <td>E-mail</td>
            <td>
            <?php
            echo $this->inPlaceEditing->input('User', 'email', $userdata[0]['User']['id'],
            array('value' => $userdata[0]['User']['email'],
            'actionName' => 'users/in_place_editing',
            'type' => 'text',
            'cancelText' => 'Cancel',
            'submitText' => 'Save',
            'toolTip' => 'Click to edit',
            //'containerType' => 'td'
            )
            );
            ?>
            </td>
            </tr>
            <tr>
            <td>Postcode</td>
            <td>
            <?php
            echo $this->inPlaceEditing->input('User', 'postcode', $userdata[0]['User']['id'],
            array('value' => $userdata[0]['User']['postcode'],
            'actionName' => 'users/in_place_editing',
            'type' => 'text',
            'cancelText' => 'Cancel',
            'submitText' => 'Save',
            'toolTip' => 'Click to edit',
            //'containerType' => 'td'
            )
            );
            ?>
            </td>
            </tr>
            <tr>
            <td>City</td>
            <td>
            <?php
            echo $this->inPlaceEditing->input('User', 'city', $userdata[0]['User']['id'],
            array('value' => $userdata[0]['User']['city'],
            'actionName' => 'users/in_place_editing',
            'type' => 'text',
            'cancelText' => 'Cancel',
            'submitText' => 'Save',
            'toolTip' => 'Click to edit',
            //'containerType' => 'td'
            )
            );
            ?></td>
            </tr>
            <tr>
            <td>Address</td>
            <td>
            <?php
            echo $this->inPlaceEditing->input('User', 'address', $userdata[0]['User']['id'],
            array('value' => $userdata[0]['User']['address'],
            'actionName' => 'users/in_place_editing',
            'type' => 'text',
            'cancelText' => 'Cancel',
            'submitText' => 'Save',
            'toolTip' => 'Click to edit',
            //'containerType' => 'td'
            )
            );
            ?>
            </td>
            </tr>
            <tr>
            <td>Phone number</td>
            <td>
            <?php
            echo $this->inPlaceEditing->input('User', 'phone', $userdata[0]['User']['id'],
            array('value' => $userdata[0]['User']['phone'],
            'actionName' => 'users/in_place_editing',
            'type' => 'text',
            'cancelText' => 'Cancel',
            'submitText' => 'Save',
            'toolTip' => 'Click to edit',
            //'containerType' => 'td'
            )
            );
            ?>
            </td>

    </tr>
    </table><br>
<h2>User and password</h2>
    <table cellpadding="0" cellspacing="0">
    <tr>
            <td>Username</td>
            <td><?php echo h($userdata[0]['User']['username']); // h() escapes stored user data for HTML output ?></td>
            </tr>

            <tr>
            <td>Password</td>
            <td>Modify</td>
            </tr>

    </table>

3 Answers

    foreach ($this->data['User'] as $field => $value) {
        # check if the provided field name is acceptable
        switch ($field) {
            case 'email':
            case 'postcode':
            case 'city':
            case 'address':
            case 'phone':
                break;
            default:
                $this->set('updated_value', '');
                return;
        }

        $this->User->set($this->request->data);

        $this->User->validate['email'] = array('Mail' => array(
            'rule' => 'email',
            'message' => 'improperemail',
            'on' => 'update',
        ));

        // Set the id before validating so the record counts as an update
        // and the 'on' => 'update' rule is applied.
        $this->User->id = $id;
        if ($this->User->validates()) {
            $this->User->saveField($field, $value);
        } else {
            $this->Session->setFlash('not a valid field your are posting');
            $errors = $this->User->validationErrors;
        }
    }
Answered 2013-04-25T11:19:55.553

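Add the validation rule to the model you created for users. This is an example of e-mail validation for your User model. You can use more validation for phone and postcode as numeric values.

    // In the User model: rule set for the email field
    public $validate = array('email' => array(
        'Email' => array(
            'rule' => 'email',
            'message' => 'Improper email address',
        ),
    ));

See the link: http://book.cakephp.org/2.0/en/models/data-validation.html#Validation::email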

Answered 2013-04-24T10:36:02.293
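
An added example, not code from the question or the answers: a CakePHP 2.x `User` model that combines the e-mail rule from this answer with the password confirmation the question asks about. It assumes CakePHP 2.4 or later, a form field named `password_confirm` and a custom rule named `matchesPassword` (both hypothetical names), and it hashes with bcrypt through `BlowfishPasswordHasher` instead of md5, because a fast unsalted hash is unsuitable for stored passwords.

```php
<?php
// app/Model/User.php (added example for CakePHP 2.4+, not the asker's code)
App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');

class User extends AppModel {

    // A rule without 'required' only runs when its field is in the data,
    // so an in-place edit of one field is not blocked by the password rules.
    public $validate = array(
        'email' => array(
            'rule' => 'email',
            'allowEmpty' => false,
            'message' => 'Improper email address',
        ),
        // 'notEmpty' is named 'notBlank' from CakePHP 2.7 on.
        'city' => array('rule' => 'notEmpty', 'message' => 'Required'),
        'address' => array('rule' => 'notEmpty', 'message' => 'Required'),
        'password' => array(
            'rule' => array('minLength', 8),
            'message' => 'Use at least 8 characters',
        ),
        // Form-only field (hypothetical name); there is no such column.
        'password_confirm' => array(
            'rule' => 'matchesPassword',
            'message' => 'Passwords do not match',
        ),
    );

    // Custom rule (hypothetical name). $check is
    // array('password_confirm' => <posted value>).
    public function matchesPassword($check) {
        $data = $this->data[$this->alias];
        return isset($data['password'])
            && current($check) === $data['password'];
    }

    // Called after validation, so the rule above compared plaintext values.
    public function beforeSave($options = array()) {
        if (!empty($this->data[$this->alias]['password'])) {
            $hasher = new BlowfishPasswordHasher();
            $this->data[$this->alias]['password'] =
                $hasher->hash($this->data[$this->alias]['password']);
        }
        unset($this->data[$this->alias]['password_confirm']);
        return true;
    }
}
```

AuthComponent has to be configured with the same hasher (`'passwordHasher' => 'Blowfish'` in the `Form` authenticate settings), otherwise logins will not match the new hashes.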

Or you can directly add the validation rule in the controller.

    $this->User->set($this->request->data);
    $this->User->validate['email'] = array('Mail' => array(
        'rule' => 'email',
        'message' => 'improperemail',
        'on' => 'create',
    ));

Before saveField, check for validation, as:

    if ($this->User->validates()) {
        // enter saveField code
    }

Answered 2013-04-24T10:50:53.813
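
The validate-before-saveField advice from the answers, as an added example that is not code from the question or the answers, together with the ownership check that the question's security concern calls for. It assumes CakePHP 2.x with AuthComponent, that the in-place editor submits by POST, validation rules defined on the `User` model, and a hypothetical `$_editable` property.

```php
<?php
// app/Controller/UsersController.php (added example for CakePHP 2.x)
App::uses('AppController', 'Controller');

class UsersController extends AppController {

    public $components = array('Auth', 'Session');

    // Hypothetical property: the only columns the in-place editor may change.
    protected $_editable = array('email', 'postcode', 'city', 'address', 'phone');

    public function in_place_editing($id = null) {
        $this->layout = 'ajax';
        if (!$this->request->is('post')) {
            throw new MethodNotAllowedException();
        }
        // $id comes from the URL, so the client chooses it. Only the
        // logged-in owner may edit the record.
        if ((string)$id !== (string)$this->Auth->user('id')) {
            throw new ForbiddenException();
        }
        // Accept exactly one allowed field with a scalar string value.
        $data = (array)$this->request->data('User');
        $field = key($data);
        if (count($data) !== 1 || !in_array($field, $this->_editable, true)
            || !is_string($data[$field])) {
            throw new BadRequestException();
        }
        $this->User->id = $id;
        // Third argument true runs the model's $validate rules for this
        // field; saveField() skips validation by default.
        if ($this->User->saveField($field, $data[$field], true)) {
            $this->set('updated_value', $data[$field]);
        } else {
            // Validation failed: report it and send back the stored value.
            $this->response->statusCode(400);
            $this->set('updated_value', $this->User->field($field));
        }
    }
}
```

The view that prints `updated_value` should pass it through `h()`, since the value is user input echoed back into the page.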