Re: Validate data & md5

I don't get that. I think that presents a false sense of security.

It's best practice to use a secure connection whenever you're
transmitting passwords. And if you're handling the request over secure
http, then it doesn't matter if you send the password back to the
user.

On Jun 4, 10:08 am, vekija <vedran.konto...@gmail.com> wrote:
> When you have an error on the registration form, it is a best practice
> to clear the password value and force the user to renter that info.
>
> So, in the controller...
>
> if($this->User->save($this->data)) {
>    // ... whatever you do after user had registered successfully} else {
>
>  // ... there was an error
>  $this->data['User']['password'] = null;
>
> }
>
> V
>
> On Jun 4, 4:21 pm, Chrriss <polet...@wanadoo.fr> wrote:
>
> > Hi,
>
> > I have a form to add a user and I use an md5 encryption when I save
> > the password in the database.
> > I use $validate to check if the email address is valid. If it's not,
> > the form shows the data again with the error message but the password
> > is not the right one in this case. It's the hashed password. So when I
> > re-enter a valid email address, the password that is saved in the
> > database is not the one I wanted!
>
> > How can I do ?
>
> > Thank you in advance!

Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions.

You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en