0

我是 CakePHP 的新手,我有一个问题。我正在更改表单中的用户电子邮件。我正在接受新电子邮件和确认新电子邮件字段以及密码。密码是他的帐户密码。如果他输入的密码与保存的密码匹配,那么系统将允许他更改密码。

我的表格如下所示;

 <form action="<?= Router::url('/users/ChangeEmailUser') ?>" method="post" id="ChangeEmailUser">

            <label><?= __('New Email', true); ?>:</label>
            <input autocomplete="off" type="text" name="newEmail" class="email">
            <span id="valid"></span><br />
            <label><?= __('Confirm New Email', true); ?>:</label>
            <input autocomplete="off" type="text" name="confEmail" class="conEmail">
            <span  id="valid1"></span><br />
            <b>To save these settings, please enter your password</b><br/><br/>
            <label><?= __('Password', true); ?>:</label>
            <input autocomplete="off" type="password" name="repeat_password" class="oldpassword">
            <span  id="valid"></span> <br />
            <div class="submit">
            <input type="submit" value="<?= __('submit', true) ?>" id="submitBtn" name="submitBtn" class="save_btn" style="margin-left:10px;"/>
            </div>
            <input type='button' name='' id='cancelGenderChangeBtn' value='<?= __('Cancel', true) ?>'  class='cancel-profile cancelEmailBtn'   /> 
        </form>

我在用户控制器中编写的功能如下;

  function ChangeEmailUser() {
        //get current language
        $current_lang = !(get_current_language('code')) ? 'en' : get_current_language('code');
        //get user
        $user = $this->_authenticate_user();

//        if (!$this->check_security_question()) {
//            $this->redirect(array('action' => 'confirm_question', 'controller' => 'users'));
//        }
        if (!empty($_POST)) {
            $this->set('submit_post', true);

            $current_password = $user['password'];
            $oldEmail = $this->User->get_his_old_email($user['account_num']);
            $current_password_post = $_POST['repeat_password'];
            $old_password = $this->User->get_his_old_password($user['account_num']);

            $current_password_post = isset($_POST['repeat_password']) ? clean_string(trim(mysql_escape_string($_POST['repeat_password']))) : '';
            $newEmail = isset($_POST['newEmail']) ? clean_string(trim(mysql_escape_string($_POST['newEmail']))) : '';
            $confEmail = isset($_POST['confEmail']) ? clean_string(trim(mysql_escape_string($_POST['confEmail']))) : '';


            if (empty($newEmail) || empty($confEmail) || empty($current_password_post)) {
                $this->User->logMessage($user['account_num'], TAHADI_LOG_SETTINGS, "FAILED - [ERROR: Missing Data]", "Change Email");
                $this->flashMessage(__('All Fields required', true));
            } elseif ($current_password != $current_password_post) {
               // $this->flashMessage(__('New email not valid', true));
                $this->flashMessage(__('Old password incorrect', true));
            } elseif ($newEmail != $confEmail) {
                $this->User->logMessage($user['account_num'], TAHADI_LOG_SETTINGS, "FAILED - [ERROR: New email and email confirmation do not match (Old Email : $oldEmail, New Email: $newEmail, Conf Email: $confEmail)]", "Change Email");
                $this->flashMessage(__('New email different from confirmation email', true));
            } elseif (!$this->User->custom_email(array('e_mail' => $newEmail))) {
                $this->User->logMessage($user['account_num'], TAHADI_LOG_SETTINGS, "FAILED - [ERROR: New email is not correct (Old Email : $oldEmail, New Email: $newEmail, Conf Email: $confEmail)]", "Change Email");
                $this->flashMessage(__('New email not valid', true));
            } else {
                $validEmail = $this->User->vaild_email($newEmail);
                if ($validEmail !== false) {
                    $this->User->logMessage($user['account_num'], TAHADI_LOG_SETTINGS, "FAILED - [ERROR: Email address already taken (Old Email : $oldEmail, New Email: $newEmail, Conf Email: $confEmail)]", "Change Email");
                    $this->flashMessage(__('This email is already taken', true));
                } else {
                    // send the verification link to the user
                    // Send notification email to the user.
                    if ($user['active'] == 1) {
                        $to = $user['email'];
                    } else {
                        $to = $newEmail;
                    }
                    $this->User->UpdatePendingEmailUser($newEmail, $user['account_num']);

                    $user2be_sent = md5(rc4Encrypt(strtolower($user['account_num'])));
                    $userinfo = getUser();
                    $user_code = md5($user['id'] . "tahadichangeke@" . time());
                    $this->User->add_email_change($user['account_num'], $user_code, $userinfo["active"]);

                    $link = Router::url('/users/confirmUserEmail', true) . "?code1=$user2be_sent&code2=$user_code";
                    $this->flashMessage(__('Email is changed please visit this email', true) . ":" . $to, 'Sucmessage');

                    $data = array();
                    $data['link'] = $link;
                    $data['username'] = $user['account_num'];

                    $not_me_link = Router::url("/recover/disavow_change_email?code=$user_code", true); //$this->_get_not_me_link($user['account_num'], "Change Email", "Confirmation email sent to $to (Old Email : $oldEmail, New Email: $newEmail, Conf Email: $confEmail)");
                    $this->set('not_me_link', $not_me_link);
                    $this->__notify_email(__('Confirm your email change request', true), "$current_lang/change_email", $to, $data);
                }
            }
        }

        $this->pageTitle = __("Change Email", true);
    }

现在的问题是当我输入密码时,它说旧密码不正确。我认为我没有得到旧密码并且它与发布的密码不匹配。当我评论检查它们匹配的位置时。然后就可以了。请帮助我如何解决这个问题。在此先感谢。

4

1 回答 1

0

这是未经测试的,因为我不再配置我的 cakePHP 环境。

我不熟悉您所说的 lam 文件,但我认为您的密码$user['password']与表单中发布的密码格式不同。如果$user['password']取自 cakePHP,如果我没记错的话,它会被散列,而从<input>标签发送的内容是明文。

也许这会有所帮助:

} elseif ($current_password != AuthComponent::password($current_password_post)) {

PS:你知道你设置$current_password_post了两次吗?

于 2013-07-02T07:08:48.427 回答