CakePHP password field is empty

Question

Hi,

I am implementing an authentication component, This is my registration page

create('User',array('action' => 'login'));
    echo $form->input('primary_email',array('size'=> 32));
    echo $form->input('password',array('label' => 'Password'));
    echo $form->input('remember_me',array('label' => 'Remember Me','type'=>'checkbox','checked' => 'false'));
    echo $html->link('Forgot Password','/users/forgot/');
    echo $form->end('Login'); 

    // Javascripts
    echo $javascript->link('jquery',false);
    //echo $javascript->link('jquery.validate.js',false);
    //echo $javascript->codeBlock($code, array('inline' => false)); 

?>

When I print the contents of $this->data the password field turns up empty. How can I resolve this?

When I rename password to password2 or something else it works !!! Strange

Answer 1

this is because the Auth component removes the password from the data array (for security purposes). why would you want it to contain the password anyway? the remember me logic (which I assume you are using from the form fields) will handle logging someone in without the password.

Answer 2

Greetings from Kenya. I had the same problem with some ExtJS authentication I was working on some weeks back. A weird workaround is to go to /config/core.php and change the debug level temporarily e.g. change from Configure::write('debug', 0); to Configure::write('debug', 1); and then run your code - not necessarily the part with the Auth component - (and afterwards change the debug level back if you wish). $this->data['User']['password'] will now be populated with the hash value as intended. What causes this in the first place still beats me :)

Answer 3

I would like to see your login() function as well but indeed this problem seems weird. You can work around this by renaming your password field and then inside your login function do something like:

$this->data['password']=$this->Auth->password($this->data['User']['pwd']);
//now you can call $this->Auth->login and it will work

Answer 4

I had the same problem, Using $this->Auth->data['User']['user'] and $this->Auth->data['User']['password'] fixed it.

It looks like the auth controller removed the password from the data when it does its automagic.

Answer 5

One thing you may be able to do is have the user confirm their password, and use it for the login function. I may be completely mis-reading what you're trying to accomplish, but if you have the user Confirm their password w/ a password 2 field, you can compare the two, and also use the starting state of the confirmation password for whatever it is that you're wanting to do. So:

echo $form->input('password', array('label' => 'password'));
echo $form->input('password2', array('label' => 'Confirm Password'));

Inside of your logic for whatever you're wanting to accomplish, you can just put:

$morePermanentDataStorage = $this->data['User']['password2'];
if($this->data['User']['password'] == $this->Auth->password($this->data['User']['password2']) {
//function logic here
}

I am also assuming that your form logic from above actually starts with:

echo $form->create('User');