cakephp密碼驗證

Question

var $validate = array(
    'password' => array(
     'passwordlength' => array('rule' => array('between', 8, 50),'message' => 'Enter 8-50 chars'), 
     'passwordequal' => array('checkpasswords','message' => 'Passwords dont match') 
) 
); 

function checkpasswords() 
{ 
    return strcmp($this->data['Airline']['password'],$this->data['Airline']['confirm password']); 
} 

此代碼無法正常工作，即使它們匹配，也總是給出錯誤消息。另外，當我做一個編輯我得到的後續錯誤，因爲沒有密碼字段。是否有任何修補程序

Undefined index: password [APP/models/airline.php, line 25] 

Answer 1

這裏是錯誤

'passwordequal' => array('checkpasswords','message' => 'Passwords dont match') 

我改成了

'passwordequal' => array('rule' =>'checkpasswords','message' => 'Passwords dont match') 

也STRCMP功能也有失誤，因爲它會返回0（即假）在上面的代碼中所有的時間

if(strcmp($this->data['Airline']['password'],$this->data['Airline']['confirm_password']) ==0) 
{ 
    return true; 
} 
return false; 

Answer 2

您是否使用AuthComponent？請注意，它會散列所有傳入的密碼字段（但不包括「密碼確認」字段，請與debug($this->data)一起檢查），以便字段永遠不會相同。 Read the manual and use AuthComponent::password做檢查。

---

話雖如此，這裏的東西我用：

public $validate = array(
    'password' => array(
     'confirm' => array(
      'rule' => array('password', 'password_control', 'confirm'), 
      'message' => 'Repeat password', 
      'last' => true 
     ), 
     'length' => array(
      'rule' => array('password', 'password_control', 'length'), 
      'message' => 'At least 6 characters' 
     ) 
    ), 
    'password_control' => array(
     'notempty' => array(
      'rule' => array('notEmpty'), 
      'allowEmpty' => false, 
      'message' => 'Repeat password' 
     ) 
    ) 
); 

public function password($data, $controlField, $test) { 
    if (!isset($this->data[$this->alias][$controlField])) { 
     trigger_error('Password control field not set.'); 
     return false; 
    } 

    $field = key($data); 
    $password = current($data); 
    $controlPassword = $this->data[$this->alias][$controlField]; 

    switch ($test) { 
     case 'confirm' : 
      if ($password !== Security::hash($controlPassword, null, true)) { 
       $this->invalidate($controlField, 'Repeat password'); 
       return false; 
      } 
      return true; 

     case 'length' : 
      return strlen($controlPassword) >= 6; 

     default : 
      trigger_error("Unknown password test '$test'."); 
    } 
} 

這是不好的，原因如下：

• 有緊耦合的形式，總是需要一個場password_control到出席。如果您的數據中沒有數據，則需要使用字段白名單或禁用驗證，即：$this->User->save($this->data, true, array('field1', 'field2'))。
• 以AuthComponent的方式手動散列密碼（因爲對模型中的組件沒有乾淨的訪問權限）。如果你改變AuthComponent中使用的算法，你也需要在這裏改變它。

話雖如此，它透明地驗證並生成適當的錯誤消息爲密碼和密碼控制字段，而無需在控制器中的任何額外的代碼。

Answer 3

對此有幫助嗎？http://sumanrs.wordpress.com/2011/10/01/cakephp-user-password-manager-authentication-missing-guide/？這應該照顧密碼驗證。

Answer 4

對於使用身份驗證的CakePHP 2.x用戶，您可能會注意到「AuthComponent不再自動散列它可以找到的每個密碼。」即上面的解決方案可能不是解決2.x問題的正確方法。 http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#hashing-passwords

Answer 5

繼承人是我的解決方案：

你必須做出一個方法命名比賽（你可以將其命名爲你喜歡什麼）：

public function match($check, $with) { 
    // Getting the keys of the parent field 
    foreach ($check as $k => $v) { 
     $$k = $v; 
    } 

    // Removing blank fields 
    $check = trim($$k); 
    $with = trim($this->data[$this->name][$with]); 

    // If both arent empty we compare and return true or false 
    if (!empty($check) && !empty($with)) { 
     return $check == $with; 
    } 

    // Return false, some fields is empty 
    return false; 
} 

而且$ validate方法應該是這樣的：

public $validate = array(
    'password' => array(
     'match' => array(
      'rule' => array('match', 'password2'), 
      'message' => 'Passwords doesnt match', 
     ), 
    ), 
); 

哪裏password2是比較你的第一場password領域

我很高興分享！：d

Answer 6

對於驗證密碼，舊密碼和確認密碼

class Adminpassword extends AppModel 
{ 


    public $name   = 'Admin'; 
      public $primaryKey = 'id'; 
      public $validate = array(
       'oldpassword' => array(
         array(
         'rule' => 'notEmpty', 
         'required' => true, 
         'message' => 'Please Enter Current password' 
         ), 
         array(
         'rule' =>'checkcurrentpasswords', 
         'message' => 'Current Password does not match' 
         ) 
       ), 
       'password' => array(
         array(
           'rule' => 'notEmpty', 
           'required' => true, 
           'message' => 'Please Enter password' 
         ), 
         array(        
         'rule' => array('minLength', 6), 
         'message' => 'Passwords must be at least 6 characters long.', 
         ) 
       ), 
       'cpassword' => array(
         array(
         'rule' => 'notEmpty', 
         'required' => true, 
         'message' => 'Please Enter Confirm password' 
         ), 
         array(
           'rule' => 'checkpasswords', 
           'required' => true, 
           'message' => 'Password & Confirm Password must be match.' 
         ) 
       ) 
      ); 

    function checkpasswords()  // to check pasword and confirm password 
    { 
     if(strcmp($this->data['Adminpassword']['password'],$this->data['Adminpassword']['cpassword']) == 0) 
     { 
      return true; 
     } 
     return false; 
    } 
    function checkcurrentpasswords() // to check current password 
    { 
     $this->id = $this->data['Adminpassword']['id']; 
     $user_data = $this->field('password');  
     //print_r(Security::hash($this->data['Adminpassword']['oldpassword'], 'sha1', true)); 
     if ($user_data == (Security::hash($this->data['Adminpassword']['oldpassword'], 'sha1', true))) 
     { 
      return true; 
     } 
     else 
     { 
     return false; 
     } 
    } 

}