我自己学习cakephp.我试图创建一个带有changepassword功能的用户控制器.它有效,但我不确定这是否是最好的方法,我无法在这方面搜索有用的教程.这是我的代码:
class UsersController extends AppController {
var $name = 'Users';
function login() {
}
function logout() {
$this->redirect($this->Auth->logout());
}
function changepassword() {
$session=$this->Session->read();
$id=$session['Auth']['User']['id'];
$user=$this->User->find('first',array('conditions' => array('id' => $id)));
$this->set('user',$user);
if (!empty($this->data)) {
if ($this->Auth->password($this->data['User']['password'])==$user['User']['password']) {
if ($this->data['User']['passwordn']==$this->data['User']['password2']) {
// Passwords match, continue processing
$data=$this->data;
$this->data=$user;
$this->data['User']['password']=$this->Auth->password($data['User']['passwordn']);
$this->User->id=$id;
$this->User->save($this->data);
$this->Session->setFlash('Password changed.');
$this->redirect(array('controller'=>'Toners','action' => 'index'));
} else {
$this->Session->setFlash('New passwords differ.');
}
} else {
$this->Session->setFlash('Typed passwords did not match.');
}
}
}
}
password是旧密码,passwordn是新密码,password2是新密码.还有其他更多的coomon方式在蛋糕中做到吗?
Mik*_*ike 29
我看到你在控制器中验证和操作数据.在模型中执行此操作通常是更好的做法.几天前我实现了类似的功能.我的change_password()方法看起来像这样:
# app/controllers/users_controller.php
function change_password() {
if (!empty($this->data)) {
if ($this->User->save($this->data)) {
$this->Session->setFlash('Password has been changed.');
// call $this->redirect() here
} else {
$this->Session->setFlash('Password could not be changed.');
}
} else {
$this->data = $this->User->findById($this->Auth->user('id'));
}
}
这是与该方法一起使用的视图的精简版本:
# app/views/users/change_password.ctp
echo $this->Form->create('User');
echo $this->Form->input('id');
echo $this->Form->input('current_password');
echo $this->Form->input('password1');
echo $this->Form->input('password2');
echo $this->Form->end('Submit');
做一些有趣事情的代码在模型中.我将表单中的字段添加到validate属性中并编写了自定义验证方法.这允许我在应用程序的任何其他位置使用password1和password2字段,例如,在注册表单上.
# app/models/user.php
var $validate = array(
'current_password' => array(
'rule' => 'checkCurrentPassword',
'message' => '...'
),
'password1' => array(
'rule' => 'checkPasswordStrength',
'message' => '...',
),
'password2' => array(
'rule' => 'passwordsMatch',
'message' => '...',
)
);
最后,在beforeSave()模型的回调中,我设置password了哈希,password1以准备将数据存储在数据库中.
aza*_*zam 21
迈克提供的解决方案很棒,但他省略了"checkCurrentPassword"功能.以下是您可以在模型中放置的函数的示例:
# app/models/user.php
public function checkCurrentPassword($data) {
$this->id = AuthComponent::user('id');
$password = $this->field('password');
return(AuthComponent::password($data['current_password']) == $password);
}
此解决方案从Auth组件获取当前用户ID,并将模型更改为指向该特定用户.然后,它将表单上输入的current_password的哈希值与为该用户存储的哈希密码进行比较.
此外,这里是您可以用来散列新密码的beforeSave函数:
# app/models/user.php
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['password1'])) {
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password1']);
}
return true;
}