I'm trying to write a basic user registration page and my problem is checking the password string length. I've read about various problems and solutions for that, but I'm still in trouble.
This is what I've written:
    class UsersController extends AppController {
        function register () {
            if (!empty ($this->data)) {
                // By this point 'password' is already hashed; 'password_confirm' is still plaintext
                if ($this->data['User']['password'] == $this->Auth->password($this->data['User']['password_confirm'])) {
                    if ($this->User->save($this->data)) {
                        $this->Session->setFlash('All ok');
                        $this->redirect(array('action' => 'login'));
                    }
                } else {
                    $this->Session->setFlash('Password mismatch');
                    $this->redirect(array('action' => 'register'));
                }
            }
        }
    }
Then the user model:
    var $validate = array (
        'username' => array (
            'alphaNumeric' => array(
                'rule' => 'alphaNumeric',
                'required' => true,
                'message' => 'Alphanumeric chars only'
            ),
            'between' => array(
                'rule' => array('between', 1, 24),
                'message' => 'Username between 1 and 24 chars'
            )
        ),
        'password' => array (
            'between' => array(
                'rule' => array('between', 7, 25),
                'message' => 'Password between 8 and 24 chars'
            )
        )
    );
File register.ctp
    <?php
    echo $this->Form->create('User');
    echo $this->Form->input('username');
    echo $this->Form->input('password');
    echo $this->Form->input('password_confirm', array('type' => 'password'));
    echo $this->Form->end('Register account');
    ?>
The password and password_confirm check works perfectly: if I write different passwords I get the error, but if the passwords are equal I get a password length error. Where am I wrong?
Log:

    2011-03-29 23:20:41 Error: Array
    (
        [User] => Array
            (
                [username] => tonino
                [password] => ae4f47749b697085b2f7322383fa7b14c79e06f6
                [password_confirm] => passwordtest
            )
    )

I forgot to say my password is SHA1 hashed, so how can I check if a user writes a too long password?
Passwords are hashed automatically by the AuthComponent. All the validation you're doing is done on the password "ae4f47749b697085b2f7322383fa7b14c79e06f6", not "passwordtest", which is why it fails validation. You need to do the validation on the password_confirm field, not the password field.
See here for an example of a somewhat transparent solution.
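
The ordering this answer describes, as an added stand-alone PHP example (not code from the original post, and not CakePHP's own code): the length rule runs on the plaintext confirmation field, and the hashed field is only used for the match check. The names `SALT`, `hashPassword`, `between` and `validateRegistration` are hypothetical, and salted SHA1 is assumed as a stand-in for the automatic hashing step.

```php
<?php
// Added illustration; runs without the framework.
const SALT = 'constructed-demo-salt'; // constructed value, not a real application salt

// Stand-in for the automatic hashing of the 'password' field (assumption: salted SHA1).
function hashPassword(string $plain): string
{
    return sha1(SALT . $plain);
}

// Inclusive length check, mirroring the model's array('between', min, max) rule.
function between(string $value, int $min, int $max): bool
{
    $len = strlen($value);
    return $len >= $min && $len <= $max;
}

// $data['password'] arrives already hashed; $data['password_confirm'] is still plaintext.
function validateRegistration(array $data): array
{
    $errors = array();
    // Length is checked on the plaintext field, the only place it is meaningful.
    if (!between($data['password_confirm'], 7, 25)) {
        $errors['password_confirm'] = 'Password length out of range';
    }
    // Match is checked by hashing the confirmation and comparing in constant time.
    if (!hash_equals($data['password'], hashPassword($data['password_confirm']))) {
        $errors['password'] = 'Password mismatch';
    }
    return $errors;
}

// Constructed submissions: valid, too long, and mismatched.
$tooLong = str_repeat('x', 40);
$cases = array(
    'valid'    => array('password' => hashPassword('passwordtest'), 'password_confirm' => 'passwordtest'),
    'too long' => array('password' => hashPassword($tooLong),       'password_confirm' => $tooLong),
    'mismatch' => array('password' => hashPassword('passwordtest'), 'password_confirm' => 'otherpassword'),
);

foreach ($cases as $label => $data) {
    // A SHA1 hex digest has a fixed length, so a length rule on the hashed field says nothing about the input.
    printf("%s: hashed length=%d, rule on hash passes=%s, errors=%s\n",
        $label,
        strlen($data['password']),
        var_export(between($data['password'], 7, 25), true),
        json_encode(validateRegistration($data)));
}
```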