0

我尝试在正确更改密码时进行散列,但我不能,总是在更改密码后,它会散列两次,或者我不知道。请告诉我我做错了什么。

class User extends AppModel

{

var $validate = array(
    'name' => array(
        'length' => array(
            'rule'      => array('minLength', 5),
            'message'   => 'Please enter your full name (more than 5 chars)',
            'required'  => true,
        ),
    ),
    'username' => array(
        'length' => array(
            'rule'      => array('minLength', 5),
            'message'   => 'Must be more than 5 characters',
            'required'  => true,
        ),
        'alphanum' => array(
            'rule'      => 'alphanumeric',
            'message'   => 'May only contain letters and numbers',
        ),
        'unique' => array(
            'rule'      => 'isUnique',
            'message'   => 'Already taken',
        ),
    ),
    'email' => array(
        'email' => array(
            'rule'      => 'email',
            'message'   => 'Must be a valid email address',
        ),
        'unique' => array(
            'rule'      => 'isUnique',
            'message'   => 'Already taken',
        ),
    ),
    'password' => array(
        'empty' => array(
            'rule'      => 'notEmpty',
            'message'   => 'Must not be blank',
            'required'  => true,
        ),
    ),        
    'password_confirm' => array(
        'required'    => array(
            'rule'      => array('equalToField', 'password', true),
            'message'   => 'The password you entered does not match',

        ),
        'length' => array(
            'rule'      => array('between', 6, 20),
            'message'   => 'Use between 6 and 20 characters',
        ),
        'empty' => array(
            'rule'      => 'notEmpty',
            'message'   => 'Must not be blank',
        ),
    ),
);

function equalToField($array, $field) {
        return strcmp($this->data[$this->alias][key($array)], $this->data[$this->alias][$field]) == 0;
}


var $validateChangePassword = array(
    '_import' => array('password', 'password_confirm'),
    'password_old' => array(
        'correct' => array(
            'rule'      => 'password_old',
            'message'   => 'Does not match',
            'required'  => true,
        ),
        'empty' => array(
            'rule'      => 'notEmpty',
            'message'   => 'Must not be blank',
        ),
    ),
);


function useValidationRules($key)
{
    $variable = 'validate' . $key;
    $rules = $this->$variable;

    if (isset($rules['_import'])) {
        foreach ($rules['_import'] as $key) {
            $rules[$key] = $this->validate[$key];
        }
        unset($rules['_import']);
    }

    $this->validate = $rules;
}


function password_old($data)
{
    $password = $this->field('password',
        array('User.id' => $this->id));
    return $password ===
        Security::hash($data['password_old'], null, true);
}

 public function beforeSave($options = array()) {
    if (isset($this->data[$this->alias]['password'])) {
        $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this-   >alias]['password']);
    }
    return true;
}

然后我的控制器:

class UsersController extends AppController

{

 var $components = array('Email');


  /**
 * Account details page (change password)
 */
function account()
{
    // Set User's ID in model which is needed for validation
    $this->User->id = $this->Auth->user('id');

    // Load the user (avoid populating $this->data)
    $current_user = $this->User->findById($this->User->id);
    $this->set('current_user', $current_user);

    $this->User->useValidationRules('ChangePassword');
    $this->User->validate['password_confirm']['compare']['rule'] =
        array('equalToField', 'password', false);

    $this->User->set($this->data);
    if (!empty($this->data) && $this->User->validates()) {
        $password = $this->Auth->password($this->data['User']['password']);
        $this->User->saveField('password', $password);

        $this->Session->setFlash('Your password has been updated');
        $this->redirect(array('action' => 'account'));
    }        
}



/**
 * Registration page for new users
 */
// function register()
// {
    // if (!empty($this->data)) {
        // $this->User->create();
        // if ($this->User->save($this->data)) {
            // $this->Session->setFlash(__('Your account has been created.', true));
            // $this->redirect('/');
        // } else {
            // $this->Session->setFlash(__('Your account could not be created.', true));
        // }
    // }
// }

public function register(){

    if($this->request->is('post')){
        $this->User->create();
        if($this->User->save($this->request->data)){
            $this->Session->setFlash(__('Użytkownik został zapisany', 'success'));
            $this->redirect(array('controller'=>'ads', 'action'=>'index'));
        } else {
            $this->Session->setFlash(__('Błąd zapisu'), 'error');
        }
    }

}

/**
 * Log a user out
 */
function logout()
{
   return $this->redirect($this->Auth->logout());
}

    /**
 * Ran directly after the Auth component has executed
 */
function login()
{
    // Check for a successful login
    if($this->request->is('post')){



        if($this->Auth->login()){
            $this->User->id = $this->Auth->user('id'); // zapisuje date logowania
            $this->User->saveField('lastlogin', date(DATE_ATOM)); // zapisuje date logowania

            $this->redirect($this->Auth->redirect());
        } else {
            $this->Session->setFlash(__('Nieprawidłowy login lub hasło'), 'error');
        }
    }
}

和观点:

echo $this->Form->create(array('action' => 'account'));
echo $this->Form->input('password_old',     array('label' => 'Old password', 'type' => 'password', 'autocomplete' => 'off'));
echo $this->Form->input('password_confirm', array('label' => 'New password', 'type' => 'password', 'autocomplete' => 'off'));
echo $this->Form->input('password',         array('label' => 'Re-enter new password', 'type' => 'password', 'autocomplete' => 'off'));
echo $this->Form->end('Update Password');
4

1 回答 1

0

将 UsersController 中帐户功能中的这一行从

$password = $this->Auth->password($this->data['User']['password']);

$password = $this->data['User']['password'];

$this->Auth->password() 与模型中的 AuthComponent::password() 执行相同的功能。

所以你的密码被哈希了两次。

于 2013-10-09T18:56:02.683 回答