Yii Framework Forum: Password Encryption - Yii Framework Forum

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Password Encryption password encryption Rate Topic: -----

#1 User is offline   Alankar Singh 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 42
  • Joined: 22-March 12

Posted 24 March 2013 - 02:23 PM

I have created a user controller. on create record its wrking fine but while updating record i dont want to enter password every time means password should be update when i change it other wise not. code is given below

<?php 
		if(isset($_POST['User']))
		{
			//$model->attributes=$_POST['User'];
			
			if(!empty($_POST['User']['password']))
			{
				$model->password=$_POST['User']['password'];
			}
			$model->username=$_POST['User']['username'];
			$model->firstname=$_POST['User']['firstname'];
			$model->lastname=$_POST['User']['lastname'];
			$model->email=$_POST['User']['email'];
			$model->status=$_POST['User']['status'];
			$model->role=$_POST['User']['role'];
				if($model->save())
			{
				Yii::app()->user->setFlash('success', "Record Has Been Updated");
				$this->redirect(array('admin'));
			}
		} ?>



Now the issue is i want to encrypt password before save. i also use beforesave() in model to encrypt password but it always encrypt password either password field is empty or not.

	  public function beforeSave() 
    {
	
      if (!empty($this->password))
        { $this->password=md5($this->password);}

    
	 //  return parent::beforeSave();
    }


Can anyone guide what is wrong i am doing here and which encryption we should use MD5 or crypt ?
0

#2 User is offline   KonApaz 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,327
  • Joined: 21-February 11
  • Location:Greece

Posted 26 March 2013 - 04:35 PM

Hi Alankar.

Are you sure the password is empty on beforesave?

If update a record the password has the stored from database value. (update action)

With your code you set the password from post form when the field is not empty.
But if it is empty the password remains the same (by the database)

Then in your beforesave code you re-encrypt the old password and then save!

To see if it is empty echo the password ob beforesave like that

       public function beforeSave() 
    {
      echo($this->password); die();
      if (!empty($this->password))
        { $this->password=md5($this->password);}

    
         //  return parent::beforeSave();
    }


If the value is not empty then I will thing what you can do :)
Yii is the best php framework in the world!
find our demo Yii extension on www.webkit.gr
Is it post useful? please v++ ;)
0

#3 User is offline   Alankar Singh 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 42
  • Joined: 22-March 12

Posted 27 March 2013 - 01:30 PM

View PostKonApaz, on 26 March 2013 - 04:35 PM, said:

Hi Alankar.

Are you sure the password is empty on beforesave?

If update a record the password has the stored from database value. (update action)

With your code you set the password from post form when the field is not empty.
But if it is empty the password remains the same (by the database)

Then in your beforesave code you re-encrypt the old password and then save!

To see if it is empty echo the password ob beforesave like that

       public function beforeSave() 
    {
      echo($this->password); die();
      if (!empty($this->password))
        { $this->password=md5($this->password);}

    
         //  return parent::beforeSave();
    }


If the value is not empty then I will thing what you can do :)



Hi KonApaz

i checked it and found that password is not empty, it has a password value from database.

What actually i want that password should updated when i enter it into textbox otherwise it should remains same.
0

#4 User is offline   KonApaz 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,327
  • Joined: 21-February 11
  • Location:Greece

Posted 27 March 2013 - 02:16 PM

View PostAlankar Singh, on 27 March 2013 - 01:30 PM, said:

Hi KonApaz

i checked it and found that password is not empty, it has a password value from database.

What actually i want that password should updated when i enter it into textbox otherwise it should remains same.


ok, as I ecpected... :)

In your model (User)
first store the pass in another variable,and set null the password on afterFind

private $sPassword=null;
 public function afterFind() {
            if ($this->password) {
                $this->sPassword = $this->password;
                $this->password=null;
            }
        }
        parent::afterFind();
    }




now the system knows whether the password pre-exists, now what...
If the password filled by post form it means that will have to be stored

 public function beforeSave() {
            if (!$this->password) 
                $this->password = $this->sPassword;       
            } else {
                $this->password = md5( $this->password);
            }
        return parent::beforeSave();
}


Now you can save the new or not password! :)
Yii is the best php framework in the world!
find our demo Yii extension on www.webkit.gr
Is it post useful? please v++ ;)
0

#5 User is offline   Alankar Singh 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 42
  • Joined: 22-March 12

Posted 28 March 2013 - 12:35 PM

View PostKonApaz, on 27 March 2013 - 02:16 PM, said:

ok, as I ecpected... :)

In your model (User)
first store the pass in another variable,and set null the password on afterFind

private $sPassword=null;
 public function afterFind() {
            if ($this->password) {
                $this->sPassword = $this->password;
                $this->password=null;
            }
        }
        parent::afterFind();
    }




now the system knows whether the password pre-exists, now what...
If the password filled by post form it means that will have to be stored

 public function beforeSave() {
            if (!$this->password) 
                $this->password = $this->sPassword;       
            } else {
                $this->password = md5( $this->password);
            }
        return parent::beforeSave();
}


Now you can save the new or not password! :)


Thanks, its working :)
0

#6 User is offline   KonApaz 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,327
  • Joined: 21-February 11
  • Location:Greece

Posted 28 March 2013 - 05:40 PM

View PostAlankar Singh, on 28 March 2013 - 12:35 PM, said:

Thanks, its working :)


You welcome :) Thanks the Yii team for pre and post event-action :)
Yii is the best php framework in the world!
find our demo Yii extension on www.webkit.gr
Is it post useful? please v++ ;)
1

#7 User is offline   Alankar Singh 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 42
  • Joined: 22-March 12

Posted 29 March 2013 - 03:12 AM

View PostKonApaz, on 27 March 2013 - 02:16 PM, said:

ok, as I ecpected... :)

In your model (User)
first store the pass in another variable,and set null the password on afterFind

private $sPassword=null;
 public function afterFind() {
            if ($this->password) {
                $this->sPassword = $this->password;
                $this->password=null;
            }
        }
        parent::afterFind();
    }




now the system knows whether the password pre-exists, now what...
If the password filled by post form it means that will have to be stored

 public function beforeSave() {
            if (!$this->password) 
                $this->password = $this->sPassword;       
            } else {
                $this->password = md5( $this->password);
            }
        return parent::beforeSave();
}


Now you can save the new or not password! :)


Hi KonApaz

your solution is 100% good for updatation but by this now i am unable to login because $this->password hassbeen set to null
0

#8 User is offline   redguy 

  • Master Member
  • PipPipPipPip
  • Yii
  • Group: Members
  • Posts: 820
  • Joined: 02-July 10
  • Location:Central Poland

Posted 30 March 2013 - 04:13 AM

You need to keep the value in 'password' attribute.
private $sPassword=null;
    public function afterFind() {
        $this->sPassword = $this->password;
        parent::afterFind();
    }
    public function beforeSave() {
        if ($this->isNewRecord || $this->password != $this->sPassword) {
            $this->password = md5( $this->password);
        }
        return parent::beforeSave();
    }

red
0

#9 User is offline   KonApaz 

  • Elite Member
  • PipPipPipPipPip
  • Yii
  • Group: Members
  • Posts: 1,327
  • Joined: 21-February 11
  • Location:Greece

Posted 02 April 2013 - 12:13 PM

View PostAlankar Singh, on 29 March 2013 - 03:12 AM, said:

Hi KonApaz

your solution is 100% good for updatation but by this now i am unable to login because $this->password hassbeen set to null


Ok, make this trick

public static $getPass=false;
private $sPassword=null;
 public function afterFind() {
            if ($this->password) {
                $this->sPassword = $this->password;
                if (self::$getPass==false) $this->password=null;
            }
        }
        parent::afterFind();
    }

//in your protected/components/UserIntentity.php modify the authenticate method like this

 public function authenticate() {
 User::$getPass = true;
..all left code...
 User::$getPass = false;
}


;)
Yii is the best php framework in the world!
find our demo Yii extension on www.webkit.gr
Is it post useful? please v++ ;)
1

#10 User is offline   Alankar Singh 

  • Junior Member
  • Pip
  • Yii
  • Group: Members
  • Posts: 42
  • Joined: 22-March 12

Posted 09 April 2013 - 03:43 PM

View PostKonApaz, on 02 April 2013 - 12:13 PM, said:

Ok, make this trick

public static $getPass=false;
private $sPassword=null;
 public function afterFind() {
            if ($this->password) {
                $this->sPassword = $this->password;
                if (self::$getPass==false) $this->password=null;
            }
        }
        parent::afterFind();
    }

//in your protected/components/UserIntentity.php modify the authenticate method like this

 public function authenticate() {
 User::$getPass = true;
..all left code...
 User::$getPass = false;
}


;)


thanks
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users