Handling User Updates With Encrypted Passwords

When using CRUD to auto-generate the code for a user table it leaves me with a question about the best way to handle user updates with md5 encrypted passwords.

When creating a user this is easy, because if the password field is empty or doesn’t meet complexity requirements then it throws an error and all passwords entered can be encrypted. With user updates it’s a little different though and I’ve seen several implementations.

1. Have the update form blank out the password and if it’s still blank on submit then don’t update the password.

2. Let the password naturally populate the field and if the populated field matches the md5 stored password then don’t update it.

How do you handle whether the user updates the password or not? Is there a short and sweet way to code this that would be considered a best practice? I’d be interested in seeing some code. Right now I’ve been clearing the field and using this in the controller:

if (empty($record->password)) $record->password = User::model()->findByPk($record->user_id)->password;

I’d recommend having two separate attributes for the hashed and plain text passwords. The hashed one should only be updated on a password change request or on registration. In those scenarios, you’d require that the plain text password be filled in.

Note that only the hashed attribute would correspond with a database field. The plain text one is an attribute of just the model and is only filled in when the user is attempting to register a change.

By doing this, you can find and save the record normally, as you’ll just be sending the unaltered hashed password each time.
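As an added illustration of the two-attribute approach described in this reply (example code, not from the thread or from Yii itself): the stored hash lives in the `password` column and is never assigned from form input, while a model-only `new_password` attribute carries the plain text and is only required in the `register` and `changePassword` scenarios. The table name, column names and the `UserController` are assumptions; the example uses `password_hash()`/`password_verify()` in place of the thread's md5.

```php
<?php
// Added example for the thread's two-attribute pattern (Yii 1.x style); not the
// forum author's code. Table and column names are assumed.
class User extends CActiveRecord
{
    // Plain-text input only; not a database column. Set solely when the user
    // registers or explicitly asks to change the password.
    public $new_password;

    public static function model($className = __CLASS__)
    {
        return parent::model($className);
    }

    public function tableName()
    {
        return 'tbl_user'; // assumed table name
    }

    public function rules()
    {
        return array(
            array('username', 'required'),
            // Plain text is mandatory only when a change is actually requested.
            array('new_password', 'required', 'on' => 'register, changePassword'),
            // Complexity is checked on the plain text, never on the stored hash.
            array('new_password', 'match',
                'pattern' => '/^(?=.*[A-Za-z])(?=.*\d)(?=.*[^A-Za-z\d]).{8,}$/',
                'message' => 'Password needs a letter, a digit and a special character.'),
            // 'password' is deliberately absent from every rule, so mass
            // assignment ($model->attributes = ...) can never overwrite the hash.
            array('username, email', 'safe'),
        );
    }

    protected function beforeSave()
    {
        if (!parent::beforeSave()) {
            return false;
        }
        // Only derive a new hash when plain text was supplied; otherwise the
        // record is saved with the hash it was loaded with.
        if ($this->new_password !== null && $this->new_password !== '') {
            $this->password = password_hash($this->new_password, PASSWORD_DEFAULT);
        }
        return true;
    }

    // Login check against the stored hash (constant-time compare inside password_verify).
    public function validatePassword($plain)
    {
        return password_verify($plain, $this->password);
    }
}

// Assumed controller: the form never carries the 'password' column, so an
// update with an empty 'new_password' leaves the stored hash untouched.
class UserController extends CController
{
    public function actionUpdate($id)
    {
        $model = User::model()->findByPk($id);
        if ($model === null) {
            throw new CHttpException(404, 'User not found.');
        }
        if (isset($_POST['User'])) {
            $model->attributes = $_POST['User'];
            if ($model->new_password !== null && $model->new_password !== '') {
                $model->scenario = 'changePassword';
            }
            if ($model->save()) {
                $this->redirect(array('view', 'id' => $model->id));
            }
        }
        $this->render('update', array('model' => $model));
    }
}
```

Because `password` is not listed as a safe attribute, the controller never has to reload the old hash or compare the form value against it; an empty `new_password` simply means "no change", and the hash written to the database is always derived inside the model.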

Dear nozomi

I hope the following code is helpful.

public function actionUpdate($id)
{
        $model=$this->loadModel($id);
        $oldPassword=$model->password;//Capture the old password.
        $model->password='';//Make this empty.else the hashed password appears as string of dots in form field.

        if(isset($_POST['User']))
        {
                $model->attributes=$_POST['User'];
                //Nothing entered: keep the stored hash unchanged.
                if($model->password==='') $model->password=$oldPassword;
                else $model->password=md5($model->password);//customize the encrypting logic in your own way.You can put some additional salt.
                if($model->save())
                        $this->redirect(array('view','id'=>$model->id));
        }

        $this->render('update',array(
                'model'=>$model,
        ));
}

Thanks for the thought and example. It’s always a nice reality check to make sure there isn’t some set-in-stone way of doing something. I’ll stick with leaving the password field blank if no changes need to be made to it.

Thanks for the topic…

I used md5, but I got a problem in validation: I require that the password the user enters contain at least one letter, one special character and one digit, but even though the user entered the correct format it shows a validation error… Does this error occur because of the encryption?

Please help…

Thanks in advance…
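The situation described in this last post can be reproduced in plain PHP. The following is an added example, not code from the thread: an md5 digest is a 32-character lowercase hex string, so a rule requiring a special character can never match it. If the hash is assigned to the attribute before the rules run, validation fails for every input, however well-formed; checking the plain text first and hashing afterwards makes the same rule pass. The regex and the sample password are constructed for the demonstration.

```php
<?php
// Added example, not from the forum thread: why a complexity rule fails when it
// runs after hashing, and the order that makes it work.

// Constructed rule: at least one letter, one digit and one non-alphanumeric
// character, minimum length 8.
const COMPLEXITY = '/^(?=.*[A-Za-z])(?=.*\d)(?=.*[^A-Za-z\d]).{8,}$/';

function meetsComplexity(string $candidate): bool
{
    return preg_match(COMPLEXITY, $candidate) === 1;
}

// Wrong order: hash first, validate second. md5() returns only [0-9a-f],
// so the special-character lookahead cannot be satisfied for any input.
function validateAfterHashing(string $plain): bool
{
    $stored = md5($plain);
    return meetsComplexity($stored);
}

// Right order: validate the plain text, then derive the stored value.
// password_hash() is used here rather than md5 for the stored form.
function validateThenHash(string $plain): ?string
{
    if (!meetsComplexity($plain)) {
        return null;
    }
    return password_hash($plain, PASSWORD_DEFAULT);
}

$input = 'Secret!42'; // constructed sample that satisfies the rule

// First call rejects the input even though it is valid; second accepts it.
var_dump(validateAfterHashing($input));
var_dump(validateThenHash($input) !== null);
```

In a Yii model the same ordering is obtained by keeping the `match` rule on the plain-text attribute and doing the hashing in `beforeSave()`, which runs only after `validate()` has succeeded.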