cakePHP驗證繞過更新

Question

我有一個配置文件頁面，當用戶嘗試更新其頁面配置文件，並且輸入不根據驗證規則驗證，它仍然繼續保存（或至少輸出成功消息）但沒有數據被存儲，它將恢復到原始值。只有在通過驗證規則時，它纔會存儲這些值。

我不知道如何解決這個問題，因爲我的驗證規則看起來正確。有任何想法嗎？

驗證規則

public $validate = array(
    "username" => array(
     "email" => array(
      "rule" => "email", 
      "message" => "The username must be a valid email address." 
     ), 
     "unique" => array(
      "rule" => "isUnique", 
      "message" => "This username has already been registered." 
     ) 
    ), 
    "password" => array(
     "alphaNumeric" => array(
      "rule" => "alphaNumeric", 
      "message" => "The password can only contain alpha-numeric characters" 
     ), 
     "between" => array(
      "rule" => array("between",8,12), 
      "message" => "The password must contain between 8 - 12 characters." 
     ) 
    ), 
    "company" => array(
     "rule" => "notEmpty", 
     "message" => "Please provide a company name" 
    ), 
    "first_name" => array(
     "rule" => "notEmpty", 
     "message" => "Please provide the contact person's first name" 
    ), 
    "last_name" => array(
     "rule" => "notEmpty", 
     "message" => "Please provide the contact person's last name" 
    ), 
    "telephone" => array(
     "numeric" => array(
      "rule" => "numeric", 
      "message" => "The telephone number must be numeric" 
     ), 
     "maxLength" => array(
      "rule" => array("maxLength",10), 
      "message" => "Your telephone umber must be 10 numbers." 
     ) 
    ), 
    "fax" => array(
     "numeric" => array(
      "rule" => "numeric", 
      "message" => "The fax number must be numeric" 
     ), 
     "maxLength" => array(
      "rule" => array("maxLength",10), 
      "message" => "Your fax umber must be 10 numbers." 
     ) 
    ), 
    "user_type_id" => array(
     "rule" => "numeric", 
     "message" => "Please select a user type" 
    ), 
    "user_status_id" => array(
     "rule" => "numeric", 
     "message" => "Please select the users status." 
    ) 
); 

控制器的方法：

public function profile() { 
    if($this->request->is('post') || $this->request->is('put')) { 
     if($this->Auth->user("id") == $this->request->data['User']['id']) { 
      $this->User->save($this->request->data); 
      $this->Session->setFlash('Your profile has been updated','default',array('class'=>'success')); 
     } else { 
      $this->Session->setFlash("An error has occured updating your profile."); 
     } 
    } 
    $this->request->data = $this->User->read(null,$this->Auth->user("id")); 
} 

Answer 1

您的驗證可能正常工作。我認爲問題是由於以下邏輯：

if($this->Auth->user("id") == $this->request->data['User']['id']) { 
    $this->User->save($this->request->data); 
    $this->Session->setFlash('Your profile has been updated','default',array('class'=>'success')); 
} else { 
    $this->Session->setFlash("An error has occured updating your profile."); 
} 

if語句僅檢查當前登錄的用戶標識是否與表單中提交的用戶標識匹配。如果ID匹配，它會嘗試保存該記錄。然後它會執行該行。

因此，無論保存的調用是否生效，它仍將移動到下一行$this->Session->setFlash('Your profile has been updated','default',array('class'=>'success'));。這就是爲什麼它說每次都更新配置文件。

你可能想類似的東西：

if($this->Auth->user("id") == $this->request->data['User']['id']) { 
    if ($this->User->save($this->request->data)) { 
     $this->Session->setFlash('Your profile has been updated','default',array('class'=>'success')); 
    } else { 
     $this->Session->setFlash("An error has occured updating your profile."); 
    } 
} else { 
    this->Session->setFlash("This is not your profile."); 
} 

Answer 2

問題是你如果塊。你沒有一個周圍$this->User->save($this->request->data);

，所以你需要

if ($this->User->save($this->request->data)) { 
    // set good flash 
} else { 
    // else set bad flash 
} 

然後你就需要一個針對Auth->用戶（「身份證」）不等於後的數據（或合併如果你只是給出一個通用的消息，那麼這兩個變成1 if語句）。