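I'm building my first CakePHP application. Auth and the basic validation work perfectly.
I made a small change to the user's private page, which displays the personal data: I made the data editable with jQuery + jEditable, and that works perfectly.
My problem is when I change, for example, the email to a bad one, I mean "someone@.com" or "somone.com@asdf.com". So I think you get the idea: my application doesn't use the validation when I modify data the in-place way.
I want to validate all fields: not empty, correct email syntax, and a new password with MD5 hash generation and password confirmation.
As you will see, everything is working except the password; I don't know how to use a confirmation field and MD5 hash generation.
I'd be very grateful if you could help me a little, I'm a beginner.
I'd also like to know about security: what do I need to watch out for?
The code is as follows: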
UsersController.php
public function in_place_editing($id = null) {
    if (!$id) return;
    if ($this->request->data) {
        # get all the fields with its values (there should be only one, but anyway ...)
        foreach($this->data['User'] as $field => $value)
        {
            # check if the provided field name is acceptable
            switch($field)
            {
                case 'email':
                case 'postcode':
                case 'city':
                case 'address':
                case 'phone':
                    break;
                default:
                    $this->set('updated_value', '');
                    return;
            }
            $this->User->id = $id;
            $this->User->save($field, $value);
            $this->set('updated_value', $value);
            $this->beforeRender();
            $this->layout = 'ajax';
        }
    }
}
index.ctp (this is the private data page)
<h2>Personal details</h2>
<table cellpadding="0" cellspacing="0">
<tr>
<td>Name</td>
<td><?php echo $userdata[0]['User']['name']; ?></td>
</tr>
<tr>
<td>E-mail</td>
<td>
<?php
echo $this->inPlaceEditing->input('User', 'email', $userdata[0]['User']['id'],
array('value' => $userdata[0]['User']['email'],
'actionName' => 'users/in_place_editing',
'type' => 'text',
'cancelText' => 'Cancel',
'submitText' => 'Save',
'toolTip' => 'Click to edit',
//'containerType' => 'td'
)
);
?>
</td>
</tr>
<tr>
<td>Postcode</td>
<td>
<?php
echo $this->inPlaceEditing->input('User', 'postcode', $userdata[0]['User']['id'],
array('value' => $userdata[0]['User']['postcode'],
'actionName' => 'users/in_place_editing',
'type' => 'text',
'cancelText' => 'Cancel',
'submitText' => 'Save',
'toolTip' => 'Click to edit',
//'containerType' => 'td'
)
);
?>
</td>
</tr>
<tr>
<td>City</td>
<td>
<?php
echo $this->inPlaceEditing->input('User', 'city', $userdata[0]['User']['id'],
array('value' => $userdata[0]['User']['city'],
'actionName' => 'users/in_place_editing',
'type' => 'text',
'cancelText' => 'Cancel',
'submitText' => 'Save',
'toolTip' => 'Click to edit',
//'containerType' => 'td'
)
);
?></td>
</tr>
<tr>
<td>Address</td>
<td>
<?php
echo $this->inPlaceEditing->input('User', 'address', $userdata[0]['User']['id'],
array('value' => $userdata[0]['User']['address'],
'actionName' => 'users/in_place_editing',
'type' => 'text',
'cancelText' => 'Cancel',
'submitText' => 'Save',
'toolTip' => 'Click to edit',
//'containerType' => 'td'
)
);
?>
</td>
</tr>
<tr>
<td>Phone number</td>
<td>
<?php
echo $this->inPlaceEditing->input('User', 'phone', $userdata[0]['User']['id'],
array('value' => $userdata[0]['User']['phone'],
'actionName' => 'users/in_place_editing',
'type' => 'text',
'cancelText' => 'Cancel',
'submitText' => 'Save',
'toolTip' => 'Click to edit',
//'containerType' => 'td'
)
);
?>
</td>
</tr>
</table><br>
<h2>User and password</h2>
<table cellpadding="0" cellspacing="0">
<tr>
<td>Username</td>
<td><?php echo $userdata[0]['User']['username']; ?></td>
</tr>
<tr>
<td>Password</td>
<td>Modify</td>
</tr>
</table>
Or you can directly add the validation rule in the controller.
<pre>
$this->User->set($this->request->data);
$this->User->validate['email'] = array('Mail' => array('rule' => 'email',
    'message' => 'improperemail', 'on' => 'create'));
</pre>
Check for validation before saveField, as:
if ($this->User->validates())
{
    // enter saveField code here
}
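Add the validation rules to the model you created for the user. This is an email validation example for the User model. You can use more validations: phone and postcode as numeric values.
var $validate = array('email' => array(
    'Email' => array(
        'rule' => 'email',
        'message' => 'Improper email address'
    )));
See the link: http://book.cakephp.org/2.0/en/models/data-validation.html#Validation::email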
foreach ($this->data['User'] as $field => $value)
{
    # check if the provided field name is acceptable
    switch ($field)
    {
        case 'email':
        case 'postcode':
        case 'city':
        case 'address':
        case 'phone':
            break;
        default:
            $this->set('updated_value', '');
            return;
    }
    # set the record id first so the rule marked 'on' => 'update' applies to the existing record
    $this->User->id = $id;
    $this->User->set($this->request->data);
    $this->User->validate['email'] = array('Mail' => array('rule' => 'email',
        'message' => 'improperemail', 'on' => 'update'));
    if ($this->User->validates())
    {
        # saveField() writes the single edited column
        $this->User->saveField($field, $value);
    }
    else
    {
        $this->Session->setFlash('not a valid field you are posting');
        $errors = $this->User->validationErrors;
    }
}
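As an added example (not code from the question or the answers), the server-side checks for one in-place edit can be tried in plain PHP without CakePHP: a field allow-list, a rule per field, and a comparison of the posted record id with the logged-in user's id, which the posted action does not show. The function name `validateInPlaceEdit()`, the length limits and the digits-only postcode and phone patterns are assumptions, and the sample requests are constructed.

```php
<?php
// Added example; validateInPlaceEdit() and its limits are hypothetical.
function validateInPlaceEdit($sessionUserId, $targetId, array $posted)
{
    // Per-field rules; the keys double as the allow-list of editable columns.
    $rules = array(
        'email'    => function ($v) { return filter_var($v, FILTER_VALIDATE_EMAIL) !== false; },
        'postcode' => function ($v) { return preg_match('/^[0-9]{3,10}$/D', $v) === 1; },
        'city'     => function ($v) { return $v !== '' && strlen($v) <= 100; },
        'address'  => function ($v) { return $v !== '' && strlen($v) <= 200; },
        'phone'    => function ($v) { return preg_match('/^[0-9]{6,20}$/D', $v) === 1; },
    );
    // The record id arrives with the request: it must be the logged-in user's own.
    if ((string) $sessionUserId !== (string) $targetId) {
        return array('ok' => false, 'error' => 'not your record');
    }
    // An in-place edit posts one field at a time; refuse anything else.
    if (count($posted) !== 1) {
        return array('ok' => false, 'error' => 'exactly one field expected');
    }
    $value = reset($posted);
    $field = key($posted);
    if (!isset($rules[$field]) || !is_string($value)) {
        return array('ok' => false, 'error' => 'field not editable');
    }
    $value = trim($value);
    if (!$rules[$field]($value)) {
        return array('ok' => false, 'error' => 'invalid ' . $field);
    }
    // Only now would the caller save $field => $value for $targetId.
    return array('ok' => true, 'field' => $field, 'value' => $value);
}

// Constructed sample requests; user 7 is the logged-in user.
$samples = array(
    array(7, 7, array('email' => 'someone@.com')),        // malformed address from the question
    array(7, 7, array('email' => 'someone@example.com')),
    array(7, 7, array('postcode' => '1051')),
    array(7, 7, array('username' => 'admin')),            // not in the allow-list
    array(7, 8, array('city' => 'Anytown')),              // another user's record
);
foreach ($samples as $s) {
    echo json_encode(validateInPlaceEdit($s[0], $s[1], $s[2])), "\n";
}
```

In a CakePHP controller the first argument would come from the Auth component's session user and the last from the posted `User` data; the model's `$validate` rules remain the place for the per-field checks.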