Validating made up fields in CakePHP? - cakephp

Here's my scenario:
I'm creating a password change page.
the real field that holds the password is User.password
On the password create page, I used 3 made up fields:
$form->input('User.old_passwd');
$form->input('User.new_passwd');
$form->input('User.confirm_new_passwd');
How do I validate them with the rules:
old password must match User.password
new_passwd and confirmnew_passwd must
be equal
Are there better solutions for this? I'm open for suggestions. Thanks!

The built-in authentication component doesn't offer that functionality. I would specify the validation rules for your "made up" fields in the validate property of the model and write my own validation methods, for example: correctPassword() to ensure that the users enter their old password and matchingPasswords() to ensure that the new password was re-typed correctly.
var $validate = array(
// your existing validation rules
'old_passwd' => array(
'rule' => 'correctPassword',
'message' => 'invalid password'
),
'new_passwd' => array(
'rule' => array('minLength', 8),
'message' => '8 characters minimum';
),
'confirm_new_passwd' => array(
'rule' => 'matchingPasswords',
'message' => 'passwords do not match'
)
);
function correctPassword($check) { }
function matchingPasswords($check) { }
See the Cookbook for more information about custom validation rules.

Related

Drupal 7 - how do I create a custom registration form

I am new to Drupal development. I want to create a registration form for visitors of my site. Default registration page only has two fields: Username and Email address.
How can I add more fields to it, e.g password, picture and timezone. I also want to capture tow other information - Date of Birth and Gender. These two fields are not available in default users table. How can I tie these information with a user account? Do I have to create a new table and put these information there referencing the uid of user table? If it is possible how can I pull the joined record?
Is there any possibility that I create a new content type for this purpose but records still go to default users table and can be used for login?
If 2 above is not possible I probably have to use hook_form_alter but where should I put this function?
When creating a custom registration form shall I use default registration page i.e. /user/register and customize it?
I am sorry if above questions look very childish and silly! Hope you will consider my my newbie status. If possible please help me with a step by step solution.
Thanks!
UPDATE
To accomplish the requirement I created a custom module called user_signup and in user_signup.module file I have written the following code.
<?php
/*
Implements hook_menu()
*/
function user_signup_menu(){
$items = array();
$items['user/signup'] = array(
'title' => 'Sign Up',
'page callback' => 'drupal_get_form',
'page arguments' => array('user_signup_registration_page'),
'access arguments' => array('access content'),
);
return $items;
}
function user_signup_registration_page($form, &$form_state){
$form['name'] = array(
'#title' => 'Username',
'#description' => 'choose a username',
'#type' => 'textfield',
'#required' => TRUE,
);
$form['mail'] = array(
'#title' => 'Email',
'#description' => 'enter a valid email address',
'#type' => 'textfield',
'#required' => TRUE,
);
$form['pass'] = array(
'#title' => 'Password',
'#description' => 'Enter a strong password',
'#type' => 'password',
'#required' => TRUE
);
$form['submit'] = array(
'#type' => 'submit',
'#value' => t('Create Account'),
);
return $form;
}
function user_signup_registration_page_submit($form, &$form_state){
$new_user_id = db_insert('users')
->$fields(array( **//this is line number 45**
'name' => $form_state['values']['name'],
'mail' => $form_state['values']['mail'],
'pass' => $form_state['values']['pass'],
))
->execute();
drupal_set_message(t('New user created'));
}
Everything works perfectly but when I hit the submit button I am getting this error:
Fatal error: Method name must be a string in D:\xampp\htdocs\imdbind\sites\all\modules\user-signup\user_signup.module on line 45
I have marked line number 45 in above code snippet as **//this is line number 45**. I did not find any difference when comparing my code with theirs. What I am doing wrong?
Just change line 45 with following
From:
->$fields(array( **//this is line number 45**
To
->fields(array( **//this is line number 45**
You can add Fields here /admin/config/people/accounts/fields int eh People Account settings Manage Fields form.

Model behavior trying to validate when it shouldn’t be

I’ve created a simple model behavior in my CakePHP application to handle file uploads. In its beforeValidate() method I have the following:
public function beforeValidate(Model $Model, $options = array()) {
$maxFileSize = '1MB';
$Model->validator()->add($this->settings[$Model->alias]['field'], array(
'extension' => array(
'rule' => array('extension', $this->settings[$Model->alias]['allowedExtensions']),
'message' => __('Please supply a valid image'),
'allowEmpty' => ($this->settings[$Model->alias]['required'] === false)
),
'fileSize' => array(
'rule' => array('fileSize', '<=', $maxFileSize),
'message' => __('Image must be less than %s', $maxFileSize)
),
'uploadError' => array(
'rule' => 'uploadError',
'message' => __('Something went wrong with the upload')
)
));
return true;
}
I’m dynamically adding file field-related validation. The first rule is checking the extension is in an allowed array of extensions passed in the behavior settings, and I’ve an allowEmpty key that equates to true because a file upload is not mandatory in this case.
This behavior is attached to an Event class. When editing an event, the extension validation rule kicks in, even though I’ve specified allowEmpty as true. Why is this?
Is it because the data passed in the file field is an array and actually equates to non-empty, therefore the validation is kicking in? If so, how can I combat this? I only want validation to kick in if a file has actually been uploaded.
Is it because the data passed in the file field is an array and actually equates to non-empty, therefore the validation is kicking in?
Yes. If no file is uploaded the array key for the model field will still be present, with a none-empty value. I.e. something like:
//$request->data
array(
'Model' => array(
'field' => array(
...
'size' => 0,
'error' => 4
)
)
);
Coping with optional file uploads
To prevent problems validating a field which is a file upload - a simple option is to check for UPLOAD_ERR_NO_FILE and wipe the relevant model data. In a beforeValidate callback that could look like this:
$field = $this->settings[$Model->alias]['field'];
if (
isset($Model->data[$Model->alias][$field]['error']) &&
$Model->data[$Model->alias][$field]['error'] === UPLOAD_ERR_NO_FILE
) {
unset($Model->data[$Model->alias][$field]);
}
Alternatively add a bail-early chunk of code to all validation rules:
function validateExt($Model, ...) {
$field = $this->settings[$Model->alias]['field'];
if ($Model->data[$Model->alias][$field]['error'] === UPLOAD_ERR_NO_FILE) {
return true;
}
...
}
Such that even if called with an empty file upload the validation rules do not return false negatives. Incidentally, validation rule-order matters, it would make more sense to check for an upload error - before validating the contents of the upload =).

Cakephp 2.3.9 custom message in model validation not working

I am doing model validation in my admin panel login so there is only two fields username and password. Validation is working but custom message which I have written in my model is not shown.
Model
public $validate = array(
'username' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'Please Enter Your Username'
)
),
'password' => array(
'required' => array(
'rule' => array ('notEmpty'),
'message' => 'Please Enter Your Password'
)
)
);
Controller
function login(){
$this->layout = 'admin_login';
if ($this->request->is('post')) {
if ($this->Auth->login()) {
return $this->redirect($this->Auth->redirect());
}
$this->Session->setFlash(__('Invalid username or password, try again'));
}
}
View
echo $this->Form->create('Admin',array('autocomplete'=>"off"));
echo '<div style="width:294px;float:left;position:relative;">';
echo $this->Form->input('username' , array('label' => '', 'placeholder' =>'Enter your username','div' => false));
echo $this->Form->input('password' , array('label' => '', 'value' =>'', 'div' => false,'placeholder'=>'Enter Your Password'));
echo '</div>';
echo '<div style="padding-left:0px;">';
echo $this->Form->end(__('Login' ,true));
I have already tried a few things like which is mentioned in this link, but it's not working for me.
CakePHP : Validation message not displaying
That looks like a message from the browser and not CakePHP.
CakePHP now adds a required attribute which modern browsers can use to trigger an error.
You can do one of three things here:
One: Set up your form to leave validation to the server:
$this->Form->create(array('novalidate'=>true));
Two: Set a custom validation message in the browser: http://www.whatwg.org/specs/web-apps/current-work/multipage/association-of-controls-and-forms.html#dom-cva-setcustomvalidity
Three: tolerate it
You get that message because the "username" field is flagged as "required". Maybe you've not defined it in the Form->input() function, but the "required" flag has been automatically added from the Model (due to your validation rules). As timstermatic said, it's a browser validation message caused by the required attribute.
To solve this issue (and show the CakePHP validation message) you've to force for avoiding the addition of the "required" flag on your field:
$this->Form->input('username', array('required' => FALSE));
This will override the Model automatic additions. Happy coding ;)
*Edited => It's important to clarify that the inline override removes only the required flag on the field: you'll take advantage of the Model validation anyway (just because if an empty field is sent to the server, it will not pass the validation rule you entered.
keep this code it will bypass the html5 validation and add your custom validations
view
echo $this->form->create('Post',array('action'=>'add'));
echo $this->form->input('title');
echo $this->form->input('body');
echo $this->form->submit('Save Post',array('formnovalidate'=>true));
echo $this->form->end();//Creates ending form tag
Model
var $validate=array(
'title'=>array(
'title_must_not_be_empty'=>array('rule'=>'notEmpty','message'=>'Please enter a title),
'title_must_be_unique'=>array('rule'=>'isUnique','message'=>'Title name already exists')
),
'body'=>array(
'body_must_not_be_empty'=>array(
'rule'=>'notEmpty',
'message'=>'Please enter body'
)
)
);
This will work just the way you want

Request object exposing password check variable

So in the sake of security I force all password change requests to validate through a password check. The problem I have is that using a debug($this->request) call I'm seeing a plaintext password:
object(CakeRequest) {
...snip...
data => array(
'User' => array(
'password' => '*****',
'password_check' => 'asdfa',
'id' => '38'
)
)
...snip...
}
Should this be a concern for me? Is there a way I can have password_check treated like a password?
as long as you don't actually print it anywhere on the page you will be fine!

Cakephp validating specific field with specific rule without saving the data from controller

I want to validate fields with Cakephp model validation, without saving the data, for which i am using the following code in controller.
$this->Model->set($this->data);
if ($this->Model->validates()) {
......
}
But here i want to validate only some specific field like 'email_field' and one of its rule 'email'. In model i have specified some other rules for 'email_field' like 'unique' and 'notempty' but i don't want to validate those rules.
How can it be achieved ?
The above will work definitely but it's not an elegant solution when cake has already documented how to validate specific fields of a Model.
if ($this->Model->validates(array('fieldList' => array('field1', 'field2')))) {
// valid
} else {
// invalid
}
For more detail see cookbook
you have different options
you can dynamically unset those other rules:
unset($this->Model->validate['field']['someRuleName']);
or you can assign a completely new rule set to this field
or you can use a different "nonexistent" field for this validation, e.g. "some_other_field" with special rules.
......
$this->Registry->validate = array(
'email_field' => array(
'between' => array(
'rule' => array('between', 10, 100),
'message' => 'Your custom message here',
'required' => true,
),
)
);
$this->Model->set($this->data);
if ($this->Model->validates(array('fieldList' => array('email_field')))) {
......
}

Resources