Since vanilla CakePHP doesn't handle password fields very well on user edit views (echoing the hashed password into the password field, etc), I'm trying to use dereuromark's PasswordableBehavior to handle user registration and password updates.
I tried following the tutorial (http://www.dereuromark.de/2011/08/25/working-with-passwords-in-cakephp/) making the following changes, but the server keeps throwing an error. What is the problem here? Because the error is in PasswordableBehavior.php, I'm not 100% certain I'm screwing up.
UsersController.php:
public function register() {
if ($this->request->is('post') || $this->request->is('put')) {
$this->User->Behaviors->attach('Tools.Passwordable');
if ($this->User->save($this->request->data, true, array('username', 'name', 'email', 'pwd', 'pwd_repeat', 'group_id'))) {
$this->Session->setFlash(__('The user has been saved'), 'flash/success');
$this->redirect(array('action' => 'index'));
} else {
$this->Session->setFlash(__('The user could not be saved. Please, try again.'), 'flash/error');
}
unset($this->request->data['User']['pwd']);
unset($this->request->data['User']['pwd_repeat']);
}
and register.ctp (possible security hole alert)
<?php
echo $this->Form->create('User', array('role' => 'form'));
echo $this->Form->input('username', array('class' => 'form-control'));
echo $this->Form->input('name', array('class' => 'form-control'));
echo $this->Form->input('email', array('class' => 'form-control'));
echo $this->Form->input('password', array('class' => 'form-control'));
echo $this->Form->hidden('group_id', array('value'=>3));
echo $this->Form->submit('Submit', array('class' => 'btn btn-large btn-primary'));
echo $this->Form->end();
Finally, the server error:
Strict (2048): Declaration of PasswordableBehavior::beforeValidate() should be compatible with ModelBehavior::beforeValidate(Model $model, $options = Array) [APP/Plugin/Tools/Model/Behavior/PasswordableBehavior.php, line 338]
Strict (2048): Declaration of PasswordableBehavior::beforeSave() should be compatible with ModelBehavior::beforeSave(Model $model, $options = Array) [APP/Plugin/Tools/Model/Behavior/PasswordableBehavior.php, line 338]
1) Strict errors are not a big deal. IMO just turn off Strict Error Reporting.
2) The errors you're seeing are because the two methods in the Behavior (
beforeValidate()andbeforeSave()) don't have the full options.Just make sure they have the correct options like below, and the strict errors will go away: