I am testing a migration from 1.3 to 2.0 for an Intranet site. After logging on an existing user, print_r($this->Auth->user()); returns the following:
Array
(
[username] => keith
[password] => f793ff5af0ea72013679a4635f40fbfaa5808895
)
Theuser is defined in the Users table, so I would have expected to see all of the fields which are defined in the Users table, which is the behaviour under 1.3.
In 2.0 $this->Auth->login($this->request->data) will log the user in with whatever data is posted, whereas in 1.3 $this->Auth->login($this->data) would try to identify the user first and only log in when successful.
http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#identifying-users-and-logging-them-in
I'm guessing you passed data to your $this->Auth->login() method. $this->Auth->login() will authenticate and login with the form data POSTed without passing the data in (which will log in the user no matter what).
Related
Am I crazy or are all the HealthCloud field permissions just unavailable to be queried via the rest API Soql calls?
If I issue this query in the developer console:
SELECT Id, SobjectType, Field, PermissionsEdit, PermissionsRead FROM FieldPermissions where SObjectType = 'PlanBenefitItem'
It returns exactly what I expect it to return - data about the fields and permissions. Issuing it via the API returns no records at all. I've checked all the object permission stuff because there's some weird rules about showing and not showing row data, but all of that seems fine and I wouldn't expect any return in the dev console if it weren't the case.
Is there something I'm missing here?
i have a mysql query as below :
select * from users where email='xxx#xxx.com' and password = SHA1(CONCAT(SHA1(SHA1("123456")),salt))
i want to convert to cake PHP find using beforSave Function :
public function beforeFind(array $queryData) {
if(isset($queryData['conditions']['User.password'])) {
$queryData['conditions']['User.password'] = 'SHA1(CONCAT(SHA1(SHA1("'.$queryData['conditions']['User.password'].'")),User.salt))';
}
$this->log($queryData);
return $queryData;
}
the mysql query is run okie but in cakephp find this not work.
Thank for help.
Don't include plain-text passwords in your queries!
You should never do this; you're including plain-text passwords as part of your query and including your 'salt' values as readable string as well.
SQL queries may be logged (and backed up), so those log files can contain all this information in readable format!
You should 'hash' the password using PHP and use the hashed password to query your database
Hashing passwords via the AuthComponent
First of all, if you're using the AuthComponent, CakePHP will do all this kind of actions automatically; it will look up/identify a user and (if correct) allow you to log-in that user.
See: Authentication
To encrypt passwords 'manually', use AuthComponent::Password() or Security::hash()
I'm in a hurry right now, but if you need more information or an example, place a comment, then I will add that information
If I have understood your problem correctly then you want to search for a user with given username and password. You don't need to use beforeSave for this. If you want to encode password then surely you could use beforeFind or IMO you can do it in a single line itself, just before you execute the query.
You can use Cakephp find by query method. Something like this $this->Users->query("your mysql query"); or if you want to use normal find, that would also work.
$user = $this->Users->find('first', array(
'conditions' => array('Users.email' => $email, 'Users.password' => $password)
));
Hope that helps.
Is it possible in CakePHP 1.3 to login a user by indicating the user's id in the users table?
Now, to do a "manual" login, I do this (which works):
$this->data['User']['username'] = username;
$this->data['User']['password'] = password;
$this->Auth->login($this->data);
I would like to be able to indicate the specific user, for example adding $this->data['User']['user_id'] before the login() function. (I've tried that but it doesn't work).
The reason I want to do this is because in the users table there are different users records of users who have the same username and password. It seems odd but in my case makes sense, since one same user may create several accounts for different reasons, and he may choose the same username/password.
Any ideas would be much appreciated!
EDIT:
I'm going to give a specific example of what I'm trying to do, maybe it helps to bring some ideas.
Say I have this 2 records in the users table (fields are user_id / username / password / account_id):
Record 1: 1 / johndoe / password1 / 10
Record 2: 2 / johndoe / password1 / 15
So this 2 records have same username and password, but different user_id and account_id. When the login is processed, I know what account_id the user has chosen. So I want to log in the corresponding user. So if the user chooses account 15, then logs is, I should be logging in the user with id 2.
However, the way cake's login works, it always retrieves the first record that matches username / password. In this example, cake would be logging in the user with id 1.
Is there any way I can do what I want?
Doesn't sound like a very good idea to me, but if you really want/must do it that way, then have a look at AuthComponent::userScope. You can use it to define additional conditions for authentication lookups, for example:
$this->Auth->userScope = array('User.account_id' => 15);
That way authentication would only be successful when username and password match and the users account_id is 15, ie the resulting query would look something like this
User.username = 'abc' AND User.password = 'xyz' AND User.account_id = 15
I currently have a users table and a posts table. My posts table has a field for user_id, however, I am not sure how I would grab the users name field which is in the users table. I was thinking of using the models afterFind() method and then using SQL to select the data, but there has to be a better way than this. Also, on my view action, I am using the read() function to grab a single post. Would the models afterFind() kick in after it runs read()? If not, is there an equivalent such as afterRead()?
Just make an association of Post belongsTo User, and every regular find/read operation that has a sufficiently high recursive value will automatically fetch the user with each post.
$post = $this->Post->find(...);
echo $post['User']['name'];
you have to go like below :
$this->Cake->findById(7); Cake.id = 7
here , you can you use your user_id instead of 7 like..
Find BY CAKE PHP
$this->Post->bindModel(array('belongsTo'=>'User'));
$post = $this->Post->findById($post_id);
$userName = $post['User']['name'];
Here are errors, I've typed it in eclipse (:
I am using the bulk upload code described at http://www.salesforce.com/us/developer/docs/api_asynch/.
The only difference is that i am uploading a custom object type. I can access Employee_c. But now i get a different error
stateMessage='InvalidBatch : Field name not found : First Name'
First Name is the first column in the csv.
While debugging i can see that the temp csv is being created correctly. However i get this error when checkResults executes. The code is exactly the same as in the sample java code for bulk api using REST.
I am using the free developer version of salesforce.
I created a new permission set where i have given following permissions on custom object employee:
Read/create/edit/delete/view all/modify all.
All fields are given edit permissions.
The permission set is associated with salesforce user license.
The programmatic login is with a user associated with System administrator profile , which has sales force user license.
But still the error persists!
Any pointers would be appreciated
Thanks
Sameer
Try "FirstName" without the space.
You can view the API name of any field in Setup > App Setup > Objects > (Select Your Object) > (Select Your Field). Make sure all the fields you are querying have the correct API names.