Topic: Problem with same password validation in cakephp model

[sonoton345]

I'm doing password validation in one of my model - jobseeker.php - which works fine during registration. The problem is when a user is editing his/her profile, it still does validation for same password (entered password do not match error comes up), is there a way to bypass this if just editing profile and use it only during registration?

Code: [Select]

var $validate = array(
'username' => array(
'unique' => array(
'rule' => array('checkUnique', 'email'),
'message' => 'Email already registered.'
)
),
'password' => array(
'notEmpty' => array(
'rule' => array('minLength', 6),
'required' => true,
'allowEmpty' => false,
'message' => 'Password has to be at least 6 characters long'
),
'password_similar' => array(
'rule' => 'checkPasswords',
'message' => 'Entered passwords do not match'
))
);
function checkPasswords($data) {
if ($this->data['Jobseeker']['password'] == $this->data['Jobseeker']['password2'])
  return true;
else
return false;

}


[jcombs_31]

Why not just exclude the password data from the edit/update form?

[sonoton345]

Thank you. someone pointed me to a jquery plugin, so instead of doing validation in model I'm doing it in view which solved the problem.

Now I have another problem..what could prevent pages that use the database from not loading (the status bar is just stuck)  while other pages not using the database are loading perfectly? I wasn't having this problem before till I changed the validation.

[jcombs_31]

Set your debug value to 2 in the config settings to see if there is an error. 

I also would advise against validation on the client side.  A user can easily bypass validation by turning off javascript.  I only think javascript is a solution if you are using ajax, otherwise you are doing things twice.  Don't rely on javascript. 

Again, you can still validate the other fields in the model, just don't pass the password in the $this->data array.

[sonoton345]

thanks. It is actually set to "2" and it's not displaying any error.

[sonoton345]

Again, you can still validate the other fields in the model, just don't pass the password in the $this->data array.

I don't understand what you meant here. Are you saying when editing, don't put in the password field?

[jcombs_31]

Yes, don't you have a separate function for changing passwords?

[sonoton345]

no i don't. that was what i was trying to do in the first place with admin (my other post). if i get that to work then i can use the same method for others.

[sonoton345]

Why not just exclude the password data from the edit/update form?

I excluded the password data from the edit form and it's still doing a password form test.