@TheKeyboard

Simple User Registration in CakePHP 1.2, Part II

I got a question in the comments about my previous post on simple user registration about how to do some of the necessary validation for registration in the model. I thought I’d show some code I did to do exactly that.

The key to all this stuff is using a second form field for doing the validation. Here’s some sample code for you, based on the latest straight-from-svn version of Cake PHP 1.2 (r6402) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

<?php



/**

 * Class used for user authentication on the league website

 *

 */



class User extends AppModel

{

    var $name = 'User';



    var $validate = array(

        'id' => array('rule' => 'blank',

                      'on' => 'create'),

        'username' => array('rule' => 'alphanumeric',

                            'required' => true,

                            'message' => 'Please enter a username'),

        'password' => array('rule' => array('confirmPassword', 'password'),

                            'message' => 'Passwords do not match'),

        'password_confirm' => array('rule' => 'alphanumeric',

                                    'required' => true)

    );



    function confirmPassword($data) {

        $valid = false;



        if ($data['password'] == Security::hash(Configure::read('Security.salt') . $this->data['User']['password_confirm'])) {

            $valid = true;

        }



        return $valid;

    }



}

?>

So, let’s talk about what’s in there.

  • make sure that the username is alphanumeric and has been entered
  • make sure the password exists and run the custom validation function ‘confirmPassword’ on the data being posted in
  • make sure that our confirm password field exists and is alphanumeric

The only tricky thing when I made this was figuring out how to compare the two password fields, and where to get the proper hashing from. Initially I thought that I could somehow import the Auth component in there but a quick chat with gwoo showed me how stupid that was when I could just duplicate how the component itself is hashing the password field. That’s what is going in with the use of Security::hash(…).

Hope that helps.

Posted by Chris Hartjes

Comments