当用户使用FOSUserBundle更新配置文件时,忽略密码 [英] Ignore Password when user updates profile with FOSUserBundle
问题描述
我正在使用FOSUserBundle,我正在尝试创建一个允许用户更新其用户配置文件的页面。我遇到的问题是,我的表单不要求用户重新输入密码,如果他们不想更改/更新密码。所以当用户以空密码提交表单时,数据库将更新一个空字符串,用户将无法登录。
I am using FOSUserBundle and I am trying to create a page that allows a user to update their user profile. The problem I am facing is that my form does not require that the user reenter their password if they don't want to change/update their password. So when a user submits the form with an empty password the database will be updated with an empty string, and the user will not be able to log in.
我如何得到我的表单忽略更新密码字段如果没有设置?以下是我正在使用的代码。
How can I get my form to ignore updating the password field if it is not set? Below is the code I am using.
$user = $this->get('security.context')->getToken()->getUser();
//user form has email and repeating password fields
$userForm = $this->createForm(new UserFormType(), $user);
if ($request->getMethod() == 'POST') {
$userForm->bindRequest($request);
if($userForm->isValid()){
//this will be be empty string in the database if the user does not enter a password
$user->setPlainPassword($userForm->getData()->getPassword());
$em->flush();
}
}
我已经尝试了以下几个,但是这仍然是空的,因为bindRequest将空密码设置为用户
I have tried a few things such as the following, but this is still empty because the bindRequest sets the empty password to the user
if($userForm->getData()->getPassword())
$user->setPlainPassword($userForm->getData()->getPassword());
我也尝试过,但这会导致类似的情况,导致不必要的查询
I have also tried, but this results in a similar situation and causes an unneeded query
if($userForm->getData()->getPassword())
$user->setPlainPassword($userForm->getData()->getPassword());
else
$user->setPlainPassword($user->getPlainPassword());
有没有任何优雅的方式来处理这个用例?
Are there any elegant ways to handle this use case?
推荐答案
我认为你应该重新考虑一下这是否是一个很好的用例。用户是否可以编辑其他用户密码?在我们的机构,我们甚至不允许最高级别的管理员执行此任务。
I think you should reconsider if this is in fact a good use case. Should users be able to edit other users passwords? At our institution we do not allow even the highest level admin to perform this task.
如果用户需要更改密码,我们让他们自己处理。如果他们忘记密码,我们允许他们通过电子邮件检索。如果他们需要帮助调整他们的电子邮件,我们允许我们的管理员协助用户。但是所有的密码更新和创建都是由用户完成的。
If a user needs their password changed we let them handle that themselves. If they have forgotten their password we allow them to retrieve it via email. If they need assistance with adjusting their email we allow our admins to assist users then. But all password updating and creation is done soley by the user.
我认为FOSUserBundle很难做到这一点,但如果你必须DonCallisto似乎有一个很好的解决方案。
I think it is great that FOSUserBundle makes it so difficult to do otherwise but if you must DonCallisto seems to have a good solution.
这篇关于当用户使用FOSUserBundle更新配置文件时,忽略密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
