[eluser]johnmerlino[/eluser]
Hey all,
I have this in user model:
Code: class User extends DataMapper {
var $validation = array(
array(
'field' => 'password',
'label' => 'New Password',
'rules' => array('required')
),
array(
'field' => 'password_confirmation',
'label' => 'Password Confirmation',
'rules' => array('matches' => 'password')
)
);
Basically, I am checking to see that password field is not empty and password confirmation field matches password field. However, the input fields are located in view called passwords/edit because I isolated password functionality to a passwords controller:
Code: //passwords controller
public function update(){
$user = new User();
$user->where('id',$this->current_user()->id)->get();
$user->setPassword($this->input->post('password'));
if($user->save()){
$this->session->set_flashdata('flash_message', 'The password has been successfully updated.');
redirect("homes");
}
else {
$this->session->set_flashdata('flash_message',$user->error->string);
redirect("passwords/edit");
}
}
passwords view:
Code: //views/passwords/edit.php
<h1>Edit Password Form</h1>
<?php
echo form_open('passwords/update');
echo label('New Password');
echo form_password('password');
echo label('Password Confirmation');
echo form_password('password_confirmation');
echo form_submit('submit','Update Password');
?>
<div>
<?php echo validation_errors(); ?>
<? if($this->session->flashdata('flash_message')): ?>
<div id="flash_message">
<?= $this->session->flashdata('flash_message') ?>
</div>
<? endif ?>
</div>
Now when the form is posted, I can access the query string variables with $this->input->post. However, despite data being in query string, the validation rule still throws the error, as if the field is empty, even though it isn't.
Thanks for response.
[eluser]WanWizard[/eluser]
And what does setPassword() do?
[eluser]johnmerlino[/eluser]
[quote author="WanWizard" date="1305462137"]And what does setPassword() do?[/quote]
This:
Code: //User model
public function setPassword($password){
if ( ! is_null( $password ) ) {
$this->password_salt = User::random_string_generator();
$this->encrypted_password = User::encrypt($password,$this->password_salt);
return;
}
return null;
}
public static function random_string_generator(){
$chars = array_merge(range("a","z"),range("A","Z"),range("0","9"));
shuffle($chars);
return implode('',array_slice($chars,0,10));
}
public static function encrypt($pass,$salt){
return sha1($pass . $salt);
}
And this is the update method:
Code: //passwords controller
public function update(){
$user = new User();
$user->where('id',$this->current_user()->id)->get();
$user->setPassword($this->input->post('password'));
if($user->save()){
$this->session->set_flashdata('flash_message', 'The password has been successfully updated.');
redirect("homes");
}
else {
$this->session->set_flashdata('flash_message',$user->error->string);
redirect("passwords/edit");
}
}
When save() is called, it checks user model validation and reports that the password field is blank, even though it isn't and I confirmed that by var_dump() the post data.
Thanks for response.
[eluser]WanWizard[/eluser]
Well, according to your model definition, you have a field called 'password', but I don't see that set anywhere in setPassword()? So to to me it's quite logical it's blank...
[eluser]johnmerlino[/eluser]
[quote author="WanWizard" date="1305492556"]Well, according to your model definition, you have a field called 'password', but I don't see that set anywhere in setPassword()? So to to me it's quite logical it's blank...[/quote]
There is no field in database called password. I have one called password_salt and encrypted_password, but I do not have an input field in form called password_salt or encrypted_password because that's generated behind the scenes based on the input in password field. User only has to specify what the password they want is as a matter of convenience for them. System handles the rest for security. Hence, I just want to check whether the value in password input field is blank. When data posts, it is not blank, as I can echo it from post array.
[eluser]WanWizard[/eluser]
Still confused why you have defined validation rules for the fields 'password' and 'password_confirmation' in your model. Because when you save() these rules are executed.
[eluser]johnmerlino[/eluser]
[quote author="WanWizard" date="1305501384"]Still confused why you have defined validation rules for the fields 'password' and 'password_confirmation' in your model. Because when you save() these rules are executed.[/quote]
The validation rules are just supposed to check if the input element with a name attribute of 'email' contains data and if that input element contains matching information with the input element with a name attribute of 'password_confirmation'. It should just be checking the actual data in the form, not the fields in the database. It shouldn't matter if there is a field in database called password or not. Based on code I posted, the value from password field is used to populate two fields in database called password_salt and encrypted_password. But this should be irrelevant to the validation, which is just validating the user input, not the existance of fields in the database.
Thanks for response.
[eluser]johnmerlino[/eluser]
It also says:
Code: you can now add validation rules for non-Database Table fields, such as 'Confirm Email Address' or 'Confirm Password'. For example:
var $validation = array(
array(
'field' => 'confirm_password', // accessed via $this->confirm_password
'label' => 'Confirm Password',
'rules' => array( 'matches' => 'encrypted_password')
)
);
This doesnt work for me either. I added the above code in my user model. I have two fields in my view called confirm_password and encrypted_password. I give them two different values, yet it successfully updates anyway. However, I do not know what is meant by "accessed via $this->confirm_password" given that you cannot reassign $this like that in views. In fact, I believe $this refers to CI super object.
thanks for response
[eluser]johnmerlino[/eluser]
This doesn't work either:
Code: var $validation = array(
array(
'field' => 'encrypted_password',
'label' => 'New Password',
'rules' => array('required')
),
array(
'field' => 'confirm_password',
'label' => 'Password Confirmation',
'rules' => array('match_password')
)
);
function _match_password($field){
if(!empty($this->field)){
return $this->field == $this->encrypted_password;
}
}
Even if I give wrong matches, it still updates.
[eluser]WanWizard[/eluser]
[quote author="johnmerlino" date="1306006270"]It also says:
Code: you can now add validation rules for non-Database Table fields, such as 'Confirm Email Address' or 'Confirm Password'. For example:
This doesnt work for me either. I added the above code in my user model. I have two fields in my view called confirm_password and encrypted_password. I give them two different values, yet it successfully updates anyway. However, I do not know what is meant by "accessed via $this->confirm_password" given that you cannot reassign $this like that in views. In fact, I believe $this refers to CI super object.[/quote]
$this refers to the Datamapper object, on which the validation rules run.
So if you define a validation rule on a field called 'confirm_password', your Datamapper object must contain a property called 'confirm_password':
Code: $object->confirm_password = $this->input->post('confirm_password');
.
|