我正在尝试使登录工作…但是当我注册(使用add)函数时,我曾经有一个md5,然后我将其更改为$this->Auth->password,然后我尝试没有那行。嗯,第一次登录很好…但由于某种原因,它在登录时再次更改哈希值,它永远不会与数据库匹配。我不知道如何解决这个问题…这是我的代码
<?php
class UsersController extends AppController {
var $uses = array("User");
var $components = array('Auth', 'Session');
function index()
{
$this->set('users', $this->User->find('all'));
$this->layout = 'master_layout';
}
function beforeFilter() {
$this->Auth->allow('add');
}
function add() {
if (!empty($this->data)) {
//pass is hashed already
//->data['User']['password'] = $this->Auth->password($this->data['User']['password']);
if ($this->User->save($this->data)) {
$this->Session->setFlash('Your were registered!.');
$this->redirect(array('action' => 'index'));
}
}
$this->layout = 'master_layout';
}
//IF THE DATABASE IS SET UP CORRECTLY CAKE AUTHENTICATES AUTOMATICALLY NO
//LOGIC IS NEEDED FOR LOGIN http://book.cakephp.org/view/1250/Authentication
function login() {
$this->layout = 'master_layout';
}
function logout() {
$this->redirect($this->Auth->logout());
}
}
?>
<?php
echo $this->Session->flash('auth');
echo $this->Form->create('User');
echo $this->Form->input('username');
echo $this->Form->input('password');
echo $this->Form->end('Login');
?>
你不应该在表单上使用密码作为字段名。这样,即使是空字符串也会被保存,并且会把已经保存的字符串弄乱。根据你的beforeave方法,空字符串甚至可能被保存为哈希(掩盖它实际上是一个空密码)。
看到http://www.dereuromark.de/2011/08/25/working-with-passwords-in-cakephp/