I am making a password reset form, which contains two fields: password1 and password2. The user enters their new password and then re-types their new password again.
I'm not sure how to make a validation rule that will compare the two values from the fields and see if they're the same.
IMHO it's more trouble than worth to create a separate rule in this case. You could, if you want to code "pure" CakePHP, but it's easier to just compare the fields in the controller and invalidate one of them manually if they don't match:
if( $this->data[ 'User' ][ 'password1' ] != $this->data[ 'User' ][ 'password2' ] ) {
$this->User->invalidate( 'password2', "The passwords don't match." );
}
if you are using Auth component then you need to hash the second password in the controller, because the password will be automatically hashed.
To compare 2 fields, you need to write a custom validation rule: http://bakery.cakephp.org/articles/aranworld/2008/01/14/using-equalto-validation-to-compare-two-form-fields (read the comments also, because the tutorial itself is kind of old)
I just happen to have written a behavior for this 2 days ago:
https://github.com/dereuromark/tools/blob/master/Model/Behavior/PasswordableBehavior.php
some sample code how to use it:
http://www.dereuromark.de/2011/08/25/working-with-passwords-in-cakephp/
Related
I am wondering if the updateOrCreate method in Laravel has a way to skip some information in case the record exists in the database. For example, I wanna be able to search for users, and assign a password if the user is to be created, but not if the user already exists.
Say, I have 3 data for a user, $email, $info and $password. The search criteria would of course be $email, then maybe $info needs to be updated for whatever reason, while $password should only be given if the record is new.
Is there a 'do not update' parameter for updateOrCreate where I can put the password?
User::updateOrCreate(
[
'email' => $email // These parameters are the search criteria, but also used on create
],
[
'data' => $info, // These parameters are the values that will be updated if exist
],
[
'password' => $password, // These parameters are used only in create but are not search criteria
]
);
There are so many questions I would have love to ask to fully understand your organization's process.
1.How did the information get to the db at the first place if the user has not be created?
2. Why can't the password be generated when creating the info into the db at the first place
But I guess all these might bore down to design issue so, I think would say you can create a regular expression that would match your organization document number pattern and use it to check for new user through a loop and the assign password to such ones.
In laravel 7, the $request->all() or the $validator->valid(), always return an array of values, key assign is correct, but the values are always strings.
I need the validator to transform the field to the rules i made.
Example in rules for validation : ['no' => 'required|integer|min:1',...]
Example of the output of validation->valid() : [ "no" => "1231" ] - string typed, i need this to be integer like : [ "no" => 1231 ]
I dont want to cast every field one by one... what i'm doing wrong ?
NOTE
All the validations works well, it's only the output of the fields that i want to match the validation, if i say the field is integer, the result of the validation must be integer and not string.
I just resolve this problem :
Create a FormRequest file, and put the validations, rules and messages there.
I dont know why... in the last version : my validations , rules and messages stay in the controller file.
Clear cache, everything ok.
To validate the update of the e-mail of a user already registered I have the next function to exclude the "unique" rule for the current User:
public function updateRules() {
return [
'name' => 'required',
'email' => 'required|unique:users,email,'.$this->id,
];
}
In the Laravel docs https://laravel.com/docs/5.7/validation#rule-unique I found the syntax unique:table,column,except,idColumn with 4 parameters:
table: refers to the table name "users"
column: refers the column name "email"
except: I'm taking it as the id of the Model instance I want to exclude from the "unique" verification
idColumn: I have no idea about this
Someone could clarify what do except and idColumn refers to?
Note for those obsessed with duplicate questions: I'm not asking how to do the rule exclusion for the update, because it seems to work just fine, I've read those questions and answers. I'm making helper functions and I need to know exactly what those two parameters means.
So you are right about the except parameter, it is the id that you want to be excluded from the check.
And idColumn is optional in case your column is not called id but user_id for example. So you will use:
'required|unique:users,email,'.$this->id . ',user_id';
On my users table I have a 128 char 'hashed_password' field. In my User_model I have functions to encrypt and decrypt the password. When encrypting I randomly generate a salt and it gets stored in the first 64 chars of hashed_password field. The hashed pw result gets stored in the last 64 chars. When decrypting I do the reverse.
As I guess is almost universal, there is never a plaintext password to display.
So, when my users (through grocery_CRUD) are adding/editing a user I thought it was possible to include fake fields: "password" and "passconf" to the add & edit forms with the following:
$crud->fields('username', ... <other fields> ... 'password', 'passconf');
Just to be crystal clear - the "password" and "passconf" fields DO NOT exist on my users table. I just want my users to input the new password there then deal with it in my own way.
But it doesn't work. By that I mean the add/edit form renders with the two fake fields correctly (validation below works correctly) but if I try to update any other user information then 'Update Changes', that action fails with "Loading" graphic spinning briefly but not updating the database.
I have tried replicating this on a VERY simply grocery_CRUD form with no other complexity and get the same behaviour: the form renders correctly but will not update the db.
Is it even possible to use fake fields? Am I missing something?
Is grocery_CRUD trying to do something with these fields behind the scenes that is causing the db update to fail?
I had then hoped to do the following:
$crud->set_rules('password', 'Password', 'callback_valid_password');
$crud->set_rules('passconf', 'Password Confirmation', 'matches[password]');
$crud->callback_before_insert(array($this,'encrypt_password_callback'));
$crud->callback_before_update(array($this,'encrypt_password_callback'));
function encrypt_password_callback($post_array, $primary_key = null){
if ($post_array['password'] <> '') {
$this->User_model->set_password($post_array['username'], $post_array['password']);
}
}
function valid_password($str) {
//do some pw validation
return TRUE;
}
I have solved this problem using insert and update callbacks then encrypting the password then unset(ing) the offending 'password' & 'passconf' fields before the insert or update db call.
I use Symfony 1.4.11. I have two tables "companies" and "ads". When user add new ad, he can connect ad with his company.Before it I check, if user have company, for example I have variable $has_company, if $has_company==1 - user has company, if $has_company==0 he has not company. If user want connect company with ad, he must check checkbox :-) So I want to validate checkbox, If user check checkbox, and he has not company,I want to show messages, that first he must create company.... Is it possible? Can I use sfValidatorBoolean ? If yes, how to validate variable has_company? Thank you!
I think you can create a method in myUser class to check if the current user has a company (if your models user and company are linked).
And then, you can pass the result of this method in option of your form.
For validation, you can use a callback validator : http://www.symfony-project.org/forms/1_4/en/B-Validators#chapter_b_sub_sfvalidatorcallback
you can use halt_on_error option like
$v = new sfValidatorAnd(
array(
new sfValidatorString(array('max_length' => 255)),
new sfValidatorEmail(),
),
array('halt_on_error' => true),
array('invalid' => 'The input value must be an email with less than 255 characters.')
);