0

之前很抱歉,请问,当我更改密码和忘记密码时,如果我的 beforeSave 函数像这样,新密码不会存储在数据库中:

public function beforeSave($options = array()) {
if (!$this->id && !isset($this->data[$this->alias][$this->primaryKey]) && isset($this->data[$this->alias]['password'])) { $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']); } else {
unset($this->data[$this->alias]['password']);
}return true;}

但是如果 BeforeSave 的功能变成这样

public function beforeSave($options = array()) {  $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);}}

新密码的值是成功保存到数据库,但是当用户进行编辑功能和密码留空时,数据库中的密码有两次散列请帮助我,谢谢

哦,是的,这是我的 changePassword 功能:

public function account(){
    if(!$this->Session->check('Auth.User')){
        $this->Session->setFlash(__('You must be logged in to view this page.'));
        return $this->redirect(array('action' => 'login'));
    }
    //set user's ID in  model which is needed for validation
    $this->User->id = $this->Auth->user('id');

    //load the user (avoid populating $this->data)
    $current_user = $this->User->findById($this->User->id);
    $this->set('current_user', $current_user);

    $this->User->useValidationRules('ChangePassword');
    $this->User->validate['re_password']['compare']['rule'] = array('equalToField', 'password', false);

    $this->User->set($this->data);
    if(!empty($this->data) && $this->User->validates()){
        $password = $this->data['User']['password'];
        $this->User->saveField('password', $password);

        $this->Session->setFlash('Your password has been updated');
        $this->redirect(array('action' => 'account'));
    }

    $this->layout = 'dashboard_admin';
}
4

2 回答 2

0

在编辑表单中添加新表单字段,而不是密码,添加 new_password。只有当用户在那里放一些东西时,它才会被散列......

public function edit($id = null) {
  $this->User->id = $id;

  if (!$this->User->exists()) {
    throw new NotFoundException(__('Invalid user'));
  }

  if ($this->request->is('post') || $this->request->is('put')) {
    if ($this->User->save($this->request->data)) {
      $this->Session->setFlash(__('Saved.', true));

      $this->redirect(array('action' => 'view', $id));
    } else {
      $this->Session->setFlash(__('Error.', true));
    }
  } else {
    $user = $this->User->read(null, $id);
    $this->request->data = $user;

    unset($this->request->data['User']['password']);
    $this->set('user', $user);
  }


public function beforeSave($options = array()) {
  if (!empty($this->data['User']['new_password'])) {
    $this->data['User']['password'] = AuthComponent::password($this->data['User']['new_password']);

    unset($this->data['User']['new_password']);
  }
}
于 2014-10-08T10:58:22.190 回答
0

仅在编辑(用户未更改密码)的情况下使用此选项,并且您甚至不应向用户显示散列密码

  if ($this->request->is('post') || $this->request->is('put')) {
    unset($this->request->data['User']['password']);
    if ($this->User->save($this->request->data)) {
      $this->Session->setFlash(__('Saved.', true));

      $this->redirect(array('action' => 'view', $id));
    } else {
      $this->Session->setFlash(__('Error.', true));
    }
  }
于 2014-10-08T12:01:17.867 回答