Hi all,

I am facing a strange problem with the security component.

I have a form with following fields in it:

First Name (firstname)
Last Name (lastname)
Primary Email (primaryemail)
Password (password)
Retype Password
Secondary Email (secondaryemail)
Residence Address (address)
State
City (city_id)
Location (location_id)
Designation (employeetype_id)
Pincode (pincode)
Residence Phone (residencephone)
Mobile Phone (mobilephone)
Office Phone 1 (officephone1)
Office Phone 2 (officephone2)
Department (department_id)

All the fields mentioned above that have a secondary name in brackets are the fields present in the database table; those without one are not in the database table.

i.e. I have added State and Retype Password as extras in the form.

The main problem is that the "Security" component is blocking me from adding a new record to the database table.

I have added the above two fields to the ignored list array but it still doesn't submit and generates a blackholed request.

The code for add method of controller is as follows:

function add()
{
    if( !empty($this->data) )
    {
        $this->Employee->create();
        if( $this->Employee->save($this->data) )
        {
            $this->Session->setFlash(__('The employee has been saved', true), 'success');
            $this->redirect(array('action' => 'index'));
        }
        else
        {
            $this->Session->setFlash(__('The employee could not be saved. Please, try again.', true), 'error');
        }
    }

    $states = $this->Employee->City->State->find('list', array(
        'order' => array('name ASC')
    ));

    $employeetypes = $this->Employee->Employeetype->find('list', array(
        'conditions' => array('Employeetype.id <> ' => '1'),
        'order' => array('name ASC')
    ));

    $departments = $this->Employee->Department->find('list', array(
        'order' => array('name ASC')
    ));

    $locations = $this->Employee->Location->find('list', array(
        'order' => array('name ASC')
    ));

    $this->set(compact('states', 'employeetypes', 'departments', 'locations'));
}

The view file add.ctp has the following code:

<div class="employees form">
<?php echo $this->Form->create('Employee');?>
    <fieldset>
        <legend><?php __('New Employee'); ?></legend>
    <?php
        echo $this->element('employee_form');
    ?>
    </fieldset>
<?php echo $this->Form->end(__('Submit', true));?>
</div>

and the code for the element "employee_form" is as follows:

<?php
echo $this->Html->script('jquery.validate.min');
echo $this->Html->script('common');
echo $this->Html->script('jquery.typewatch');
?>

<script type="text/javascript">
    $(document).ready(function(){

        $("form").validate({
            errorClass: "jqueryError",
            errorElement: 'label',
            debug: false,
            submitHandler: function(form) {
                $(':submit', form).attr('disabled', 'disabled').addClass('inactive');
                form.submit();
            }
        });

        $('#EmployeeStateId').change(function() {
            if($('#EmployeeStateId').val() != "")
            {
                populateSelectBox('EmployeeCityId', 'get', '<?php echo $this->Html->url(array('controller' => 'cities', 'action' => 'getCities', 'admin' => false)); ?>', {stateId: $(this).val()});
            }
            else
            {
                $('#EmployeeCityId').empty();
            }
        });

        $('#EmployeePrimaryemail').typeWatch(750, function(){
            var $email = $('#EmployeePrimaryemail');
            var $response = $('#response');
            var $btnSubmit = $(':submit'); // jQuery's :submit selector; a bare 'submit' tag selector matches no element
            var re = new RegExp("^([0-9a-zA-Z]([-.\\w]*[0-9a-zA-Z])*@([0-9a-zA-Z][-\\w]*[0-9a-zA-Z]\\.)+[a-zA-Z]{2,9})$");

            if($email.val() != '' && re.test($email.val()) )
            {
                $.ajax({
                    type: 'get',
                    url: '<?php echo $this->Html->url(array('controller' => 'employees', 'action' => 'checkEmail', 'admin' => false)); ?>',
                    data: {
                        email: $email.val()
                    },
                    dataType: 'text',
                    success: function(data)
                    {
                        if(data == '1')
                        {
                            $response.attr('style', '')
                            .attr('style', "color:red;")
                            .html('Email already registered please enter a different email.');
                            $btnSubmit.attr('disabled',true);
                        }
                        else if(data == '0')
                        {
                            $response.attr('style', '')
                            .attr('style', "color:green;")
                            .html('Available');
                            $btnSubmit.attr('disabled',false);
                        }
                        else
                        {
                            $response.attr('style', '')
                            .attr('style', "color:red;")
                            .html('Error occurred while attempting to connect with the server. Please try again after some time.');
                            $btnSubmit.attr('disabled',true);
                        }
                    },
                    beforeSend: function(){
                        $email.addClass('show_loading_in_right');   // show the spinner while the request is in flight
                    },
                    complete: function(){
                        $email.removeClass('show_loading_in_right'); // hide it on success or error
                    }
                });
            }
            else
            {
                $response.attr('style', '')
                .attr('style', "display:none;")
                .html("");
            }
        });

    });
</script>

<?php
echo $this->Form->input('firstname', array(
    'label' => 'First Name',
    'class' => 'required',
    'between' => $this->Html->tag('span', '(Only letters and numbers, atleast 2 characters)', array('class' => 'description'))
));

echo $this->Form->input('lastname', array(
    'label' => 'Last Name',
    'between' => $this->Html->tag('span', '(Atleast 3 characters)', array('class' => 'description'))
));

echo $this->Form->input('primaryemail', array(
    'label' => 'Primary Email',
    'class' => 'required email',
    'between' => $this->Html->tag('span', '(This will be your username)', array('class' => 'description'))
));

echo $this->Html->div('', '', array(
    'id' => 'response', 'style' => 'display:none'
));

echo $this->Form->input('password', array(
    'label' => 'Password',
    'class' => 'required',
    'between' => $this->Html->tag('span', '(Atleast 4 characters long)', array('class' => 'description'))
));

echo $this->Form->input('retypePassword', array(
    'label' => 'Retype Password',
    'type' => 'password',
    'equalto' => '#EmployeePassword',
    'class' => 'required',
    'secure' => false,
    'between' => $this->Html->tag('span', '(Should be exactly same as password entered above)', array('class' => 'description'))
));

echo $this->Form->input('secondaryemail', array(
    'label' => 'Secondary Email',
    'between' => $this->Html->tag('span', '(Enter your secondary email, if any)', array('class' => 'description'))
));

echo $this->Form->input('state_id', array(
    'type' => 'select',
    'secure' => false,
    'options' => $states,
    'empty' => 'Select',
    'label' => 'State',
    'class' => 'required',
    'between' => $this->Html->tag('span', '(Choose your state)', array('class' => 'description'))
));

echo $this->Form->input('city_id', array(
    'label' => 'City',
    'class' => 'required',
    'between' => $this->Html->tag('span', '(Choose your city)', array('class' => 'description'))
));

echo $this->Form->input('address', array(
    'label' => 'Residence Address',
    'between' => $this->Html->tag('span', '(Enter your address)', array('class' => 'description'))
));

echo $this->Form->input('pincode', array(
    'label' => 'Pincode',
    'between' => $this->Html->tag('span', '(Enter pincode)', array('class' => 'description'))
));

echo $this->Form->input('residencephone', array(
    'class' => 'required',
    'label' => 'Residence Phone',
    'between' => $this->Html->tag('span', '(Enter your phone number, if any)', array('class' => 'description'))
));

echo $this->Form->input('mobilephone', array(
    'label' => 'Mobile Phone',
    'between' => $this->Html->tag('span', '(Enter your mobile number, if any)', array('class' => 'description'))
));

echo $this->Form->input('location_id', array(
    'label' => 'Location',
    'class' => 'required',
    'between' => $this->Html->tag('span', '(Choose your work location)', array('class' => 'description'))
));

echo $this->Form->input('employeetype_id', array(
    'class' => 'required',
    'label' => 'Your Profile',
    'type' => 'select',
    'options' => $employeetypes,
    'between' => $this->Html->tag('span', '(Select your company profile or role)', array('class' => 'description'))
));

echo $this->Form->input('officephone1', array(
    'class' => 'required',
    'label' => 'Office Phone 1',
    'between' => $this->Html->tag('span', '(Enter your office\'s number 1, if any)', array('class' => 'description'))
));

echo $this->Form->input('officephone2', array(
    'label' => 'Office Phone 2',
    'between' => $this->Html->tag('span', '(Enter your office\'s number 2, if any)', array('class' => 'description'))
));

echo $this->Form->input('department_id', array(
    'type' => 'select',
    'options' => $departments,
    'label' => 'Department',
    'class' => 'required',
    'between' => $this->Html->tag('span', '(Choose your department)', array('class' => 'description'))
));
?>

What might be the problem? I don't want to disable the validatePost property in the controller.

Any help is greatly appreciated. I am using the latest version of cakephp (1.3.3)

Thanks

A: 

According to the cookbook "Dynamically altering the fields that are submitted in a POST request (e.g. disabling, deleting or creating new fields via JavaScript) is likely to trigger a black-holing of the request." I think your problem is caused by JavaScript. Try to create the form without JavaScript and see how it works.

bancer
Right, but further it says "See the `$validatePost` or `$disabledFields` configuration parameters." To fix this problem, you need to add these dynamic fields to the `$disabledFields` list, so their absence won't trigger a black-holing.
deceze
@bancer: that is why I have posted my complete code here so that it may be clear from it that I haven't done anything (altering the value of form fields through javascript) that makes the "Security" component angry :-) I think I will have to leave the usage of 'Security' component for now.
Gaurav Sharma
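To make the cookbook quote and the `$disabledFields` advice above concrete, here is an added, simplified model of what a form-signing component like CakePHP's does (this is illustrative code written for this page, not CakePHP's own implementation): the form helper signs the list of field names it rendered, the server recomputes that signature from the names that actually arrive in the POST, and any difference black-holes the request. A field the helper did not sign, whether because JavaScript created it or, as assumed here, because the helper was told not to secure it, therefore breaks the match unless both sides agree to drop it via a disabled-fields list. The field names and salt are constructed; the model ignores the hidden-field values the real component also signs.

```python
import hashlib
import hmac
import json

# Constructed secret standing in for the application's Security.salt.
SALT = "constructed-example-salt"


def _digest(names, disabled):
    """Hash the sorted field names, minus any the app declared as disabled."""
    kept = sorted(n for n in names if n not in disabled)
    return hashlib.sha1((json.dumps(kept) + SALT).encode()).hexdigest()


def sign_form(rendered_names, disabled=()):
    """Form side: the token the helper embeds when it renders the form."""
    return _digest(rendered_names, disabled)


def validate_post(posted, disabled=()):
    """Server side: recompute from what arrived; a mismatch means black-hole."""
    token = posted.get("_Token.fields")
    if token is None:
        return False
    names = [k for k in posted if k != "_Token.fields"]
    # Constant-time comparison so the token check itself leaks nothing.
    return hmac.compare_digest(_digest(names, disabled), token)


# Constructed subset of the employee form's secured fields.
RENDERED = ["Employee.firstname", "Employee.primaryemail", "Employee.password"]


def submit(extra_fields=(), disabled=()):
    """Simulate one round trip: render, let the client add fields, validate."""
    posted = {name: "x" for name in RENDERED}
    posted["_Token.fields"] = sign_form(RENDERED, disabled)
    for name in extra_fields:  # fields the browser posts that were never signed
        posted[name] = "x"
    return validate_post(posted, disabled)


if __name__ == "__main__":
    # Unchanged form: accepted.
    print(submit())
    # An unsigned field (e.g. a JS-created one) shows up in the POST: black-holed.
    print(submit(extra_fields=["Employee.retypePassword"]))
    # The same field declared disabled on both sides: accepted again.
    print(submit(extra_fields=["Employee.retypePassword"],
                 disabled=["Employee.retypePassword"]))
```

The same comparison also rejects a POST whose signed field list was removed or edited, which is the integrity property the component exists to provide.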