[joeysantiago]

Hello!

i'm quite new to Yii... so this can be quite a stupid question.

I have a user moel that saves on my db sha1 versions of passwords. i'd like my users to be able to set a new password when updating their user profile... how could i prevent the password field to be already completed on the update form?

thanks a lot

joey

[Maurizio Domba]

in actionUpdate after $model= new User;
add $model->password='';

[joeysantiago]

thanks for the suggestion!!

i thought not to display the password field in the update form and i'd like to create a new action for the model: newpassword.

So, in UsersController i added an action:

	public function actionNewpassword()
	{
		$model=$this->loadModel();

		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['BoUsers']))
		{
                        if($model->password == sha1($_POST['BoUsers']['password']));
			$model->attributes=$_POST['BoUsers'];
                        $model->password = sha1($model->password);
			if($model->save())
				$this->redirect(array('view','id'=>$model->idBOUsers));
		}

		$this->render('newpassword',array(
			'model'=>$model,
		));
	}

i thought that $this->render would have called the file newpassword.php in views folder... but i got an error 404... what's the matter?

thanks!

[Maurizio Domba]

It should... if the model is BoUsers than the view files should be in /protected/views/boUsers

but I tryed to request a nonexistent view and

I'm getting error 500 UserController cannot find the requested view "updatexy", and you got the 404 - don't know why

[joeysantiago]

mdomba, on 28 April 2010 - 04:04 AM, said:

It should... if the model is BoUsers than the view files should be in /protected/views/boUsers

but I tryed to request a nonexistent view and

I'm getting error 500 UserController cannot find the requested view "updatexy", and you got the 404 - don't know why

thanks!!

i got it!

i was calling the link without passing an id to it... now it goes!

[joeysantiago]

mhm... i'm still having problems...

i added a field newpassword to the BoUsers class, then my _formpass.php looks like this:

<div class="row">
		<?php echo $form->labelEx($model,'password'); ?>
		<?php echo $form->passwordField(BoUsers::model(),'password',array('size'=>50,'maxlength'=>50)); ?>
		<?php echo $form->error($model,'password'); ?>
	</div>

        <div class="row">
		<?php echo $form->labelEx($model,'newpassword'); ?>
		<?php echo $form->passwordField(BoUsers::model(),'newpassword',array('size'=>50,'maxlength'=>50)); ?>
		<?php echo $form->error($model,'newpassword'); ?>
	</div>

and my actionNewpassword is:

public function actionNewpassword()
	{
		$model=$this->loadModel();

		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['BoUsers']))
		{
                        if($model->validatePassword(sha1($_POST['BoUsers']['password']))){
                            $model->attributes=$_POST['BoUsers'];
                            echo $_POST['BoUsers']['newpassword'];
                            $model->password = sha1($model->newpassword);
                            if($model->save())
                                    $this->redirect(array('view','id'=>$model->idBOUsers));
                        }
                        else $model->addError('password','The password provided is incorrect!');
		}

		$this->render('newpassword',array(
			'model'=>$model,
		));
	} 

. i also added a rule in the model:

array('newpassword','required','on'=>'newpassword', 'message'=>'hey, guy... set a password!'),

expecting my newpassword field to be required in the form, but it's not. Does anyone know why?

... nothing works at the moment

[Maurizio Domba]

try to remove 'on'=>'newpassword', this is for scenario not for action...

[joeysantiago]

but this way the newpassword field is required also on creation form...

Should i build a new scenario, then? i'll try that

[Maurizio Domba]

Didn't use that yet.... try to set scenario... 'on'=>'update'

[joeysantiago]

wow, it works!!

thanks a lot!

[joeysantiago]

d'oh!!
this way it asks me for a value for newpassword in the update action too... i think i should try setting up a newpassword scenario. i'll try that out. thanks a lot!

[joeysantiago]

it works with scenario...

here's the code!
the function actionNewpassword sets the scenario:

public function actionNewpassword()
	{
		$model=$this->loadModel();
                $model->setScenario("newpwd");
		// Uncomment the following line if AJAX validation is needed
		//$this->performAjaxValidation($model);

		if(isset($_POST['BoUsers']))
		{
                        if($model->validatePassword(sha1($_POST['BoUsers']['password']))){
                            $model->attributes=$_POST['BoUsers'];
                            $model->newpassword=$_POST['BoUsers']['newpassword'];
                            if($model->validate()){
                                $model->password = sha1($model->newpassword);
                            }
                            if($model->save()){
                                $this->redirect(array('view','id'=>$model->idBOUsers));
                            }
                        }
                        else $model->addError('password','The password provided is incorrect!');
		}

		$this->render('newpassword',array(
			'model'=>$model,
		));
	} 

and this is the rule:

array('newpassword','required','on'=>'newpwd', 'message'=>'you must set a new password!'),