CakePHP的：失败的提交清除密码字段 [英] CakePHP: Clearing password field on failed submission

问题描述

问候，

我设立一个pretty标准登记表格密码字段。

I am setting up a pretty standard registration form with password field.

问题是，一个失败的提交后（由于空场，不正确的格式等），控制器重新加载注册页面，但含有pviously输入的密码$ P $的散列值的密码字段。我如何让它空每个失败提交后？

The problem is, after a failed submission (due to empty field, incorrect format etc), the controller reloads the registration page, but with the password field containing the hashed value of the previously entered password. How do I make it empty after each failed submission?

查看：

echo $form->password('Vendor.password', array('class' => 'text-input'));

控制器：

Security::setHash('sha1');
$this->Auth->sessionKey = 'Member'; 
$this->Auth->fields = array(
    'username' => 'email',
    'password' => 'password'
);

帮助非常多AP preciated，谢谢！

Help is very much appreciated, thanks!

推荐答案

您可能会遇到另一个问题来与CakePHP的密码验证的道路。

You may run into another problem down the road with cakePHP password validation.

的问题是，蛋糕第一散列的口令，<青霉>然后的确实验证，这可能导致输入失败，即使它根据你的规则是有效的。这就是为什么密码被返回到散列而非正常的输入域。

---

The problem is that cake hashes passwords first, then does validation, which can cause the input to fail even if it is valid according to your rules. This is why the password is returned to the input field hashed instead of normal.

---

要解决这个问题，而不是使用特殊的字段名密码，使用不同的名称，如tmp_pass。通过这种方式，CakePHP的验证不会自动散列字段中。

to fix this, instead of using the special field name 'password', use a different name like 'tmp_pass'. This way, cakePHP Auth won't automatically hash the field.

下面是一个样表

echo $form->create('Vendor', array('action' => 'register'));
echo $form->input('email');
echo $form->input( 'tmp_pass', array( 'label' => 'Password','type'=>'password' ));
echo $form->end('Register');

---

---

在您的供应商的模式，不分配验证规则'密码'，而不是分配这些规则'tmp_pass，例如：

In your Vendor model, don't assign validation rules to 'password' instead assign these rules to 'tmp_pass', for example

var $validate = array('email' => 'email', 'password' => ... password rules... );

变为

var $validate = array('email' => 'email', 'tmp_pass' => ... password rules... );

---

---

最后，在供应商的模式，实现beforeSave（）。

Finally, in your Vendor model, implement beforeSave().

首先，看看数据，用于验证（'tmp_pass将针对您的规则有效）。

First, see if the data validates ('tmp_pass' will be validated against your rules).

如果成功，手动哈希tmp_pass并把它在$这个 - >数据['供应商'] ['密码']，然后返回true。如果不成功，则返回false。

If successful, manually hash tmp_pass and put it in $this->data['Vendor']['password'] then return true. If unsuccessful, return false.

function beforeSave() {
    if($this->validates()){
        $this->data['Vendor']['password'] = sha1(Configure::read('Security.salt') . $this->data['User']['tmp_pass']);
        return true;
    }
    else
        return false;
}

这篇关于CakePHP的：失败的提交清除密码字段的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！