我正在使用laravel-4 auth组件.我想创建一个将更改用户密码的功能.我的观点如下:
密码 - 文本框; new_password - 文本框; confirm_new_password - 文本框
我还检查了密码重置手册,但在该文档(http://laravel.com/docs/security#password-reminders-and-reset)中,他们正在发送密码重置邮件.视图如下:
@extends('layouts.main')
@section('title') Change Password
@stop
@section('content')
{{ Form::open(array('url'=>'users/user-password-change', 'class'=>'block small center login')) }}
<h3 class="">Change Password</h3>
<h6>Please change your password below.</h6>
<ul>
@foreach($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
{{ Form::password('password', array('class'=>'input-block-level', 'placeholder'=>'Old Password')) }}
{{ Form::password('new_password', array('class'=>'input-block-level', 'placeholder'=>'New Password')) }}
{{ Form::password('confirm_new_password', array('class'=>'input-block-level', 'placeholder'=>'Confirm New Password')) }}
{{ Form::submit('Register', array('class'=>'k-button'))}}
{{ Form::close() }}
@stop
控制器代码如下:
public function postUserPasswordChange(){
$validator = Validator::make(Input::all(), User::$change_password_rules);
if($validator->passes()){
$user=new UserEventbot;
$user->password=Hash::make(Input::get('new_password'));
$user->save();
return Redirect::to('users/change-password');
}else {
return Redirect::to('users/change-password')->with('message', 'The following errors occurred')->withErrors($validator)->withInput();
}
}
请帮我这个,如何首先将此密码与数据库表用户匹配,然后整个过程.谢谢 .
要将当前用户密码与数据库中的密码相匹配,您可以执行以下操作,
// retrieve the authenticated user
$user = Auth::user();
检索表单内用户指定的当前密码,
$current_password = Input::get('current_password');
我们可以查看是否指定了当前密码并检查哈希密码,如下所示,
if (strlen($current_password) > 0 && !Hash::check($current_password, $user->password)) {
return Redirect::to('/user/edit-profile')->withErrors('Please specify the good current password');
}
这里要注意的重要一点是功能
Hash :: check(CURRENT_PASSWORD_ENTERED_IN_FORM,HASHED_VERSION_OF_PASSWORD_STORED_IN_AUTH_USER)
最后,如果一切顺利,您可以在Auth和数据库中更新当前用户密码,如下所示,
// authenticated user
$user = Auth::user();
$user->password = Hash::make($new_password);
// finally we save the authenticated user
$user->save();
请尝试以下方法:
public function postUserPasswordChange(){
$validator = Validator::make(Input::all(), User::$change_password_rules);
if($validator->passes()){
$user = UserEventbot::findOrFail(Auth::user()->id);
$user->password = Hash::make(Input::get('new_password'));
$user->save();
return Redirect::to('users/change-password');
}else {
return Redirect::to('users/change-password')->with('message', 'The following errors occurred')->withErrors($validator)->withInput();
}
}