views:

96

answers:

1

My registration form is not checking all the fields and is calling login and saying that I registered successfully. Also, if both passwords are blank, it still "registers"

heres my User model

<?php 
class User extends AppModel
{
    var $name = 'User';
    var $validate = array(
        'username' => array(
            'rule' => 'notEmpty',
            'alphaNumeric' => array(
                        'rule'      => 'alphaNumeric',
                        'required'  => true,
                        'on'        => 'create',
                        'message'   => 'Username must be only letters and numbers, no special characters'
                    ),
                    'between' => array(
                        'rule'      => array('between', 5, 20),
                        'on'        => 'create',
                        'message'   => 'Username must be between 5 and 20 characters',
                    ),
                    'isUnique' => array(
                        'rule'      => 'isUnique',
                        'on'        => 'create',
                        'message'   => 'This username is already taken. Please choose a different one.'
                    )
        ),
        'password' => array(
            'rule' => 'notEmpty',
            'required' => true
        ),
        'password_confirm' => array(
            'rule' => 'notEmpty',
            'required' => true,
        ),
        'email' => array(
            'rule' => 'notEmpty',
            'rule' => array('email', true),
            'required' => true,
            'message' => 'Please provide a valid email address'
        )
    );

    function validateLogin($data) 
    { 
        $user = $this->find(array('username' => $data['username'], 'password' => md5($data['password'])), array('id', 'username')); 
        if(empty($user) == false) 
            return $user['User']; 
        return false; 
    }
}
?>

and heres my user controller

<?php
class UsersController extends AppController 
{
    var $name = 'Users';    
    var $components = array('Auth');
    var $helpers = array('Html', 'Form');

    function index() {}

    function beforeFilter()
    {
        //$this->__validateLoginStatus();
        $this->Auth->allow('register'); 
    }

    function login() 
    { 
        if ($this->Session->read('Auth.User')) {
            $this->Session->setFlash('You are logged in!');
            $this->redirect('/articles', null, false);
        }
    }

    function logout() 
    {
        $this->Session->setFlash('You have successfully logged out.');
        $this->redirect($this->Auth->logout());
    }

    function __validateLoginStatus()
    {
        if ($this->action != 'login' && $this->action != 'logout')
        {
            if ($this->Session->check('User') == false)
            {
                $this->Session->setFlash('You need to be logged in to view this page.');
                $this->redirect('login');
            }
        }
    }

    function register() 
    {
        if (!empty($this->data)) 
        {
            if ($this->data['User']['password'] == $this->Auth->password($this->data['User']['password_confirm']))
            {
                $this->User->create();
                $this->User->save($this->data);
                $this->Session->setFlash('You have been registered, please log in.');
                $this->redirect(array('action' => 'login'));
            }
            else
            {
                $this->Session->setFlash('Your passwords did not match.');
            }
            $this->data['User']['password'] = ''; // reset the password field
        }
    }
}
?>

also heres my register.ctp

<h1>Register</h1>
<?php
    echo $form->create('User', array('action' => 'register'));
    echo $form->input('username');
    echo $form->input('password');
    echo $form->input('password_confirm', array('type' => 'password'));
    echo $form->input('email', array('rows' => '1'));
    echo $form->end('Register');
?>
+3  A: 

Well, it's the only thing your code is supposed to do...

$this->User->save($this->data);
$this->Session->setFlash('You have been registered, please log in.');
$this->redirect(array('action' => 'login'));
  1. Try to save data.
  2. Set success message.
  3. Redirect to login.

You're probably looking for something like this:

if ($this->User->save($this->data)) {
    $this->Session->setFlash('You have been registered, please log in.');
    $this->redirect(array('action' => 'login'));
} else {
    $this->Session->setFlash("Nu'uh.");
}
deceze
+1 for the use of an unconventional contraction. "Nu'uh", FTW.
Rob Wilkerson