I have a Users table which stores the information of the account of each user of my application. The password of the users are stored encrypted with MD5 function. My problem is when i update the user information, the password is showed on screen in md5 hash format.
If i save some record, the password is also getting overwritten with the MD5 value. How can i avoid re-saving the password in the database.
or is it possible to update/re-save fields that are changed and not all of them??
You can even allow the user to update the password with appropriate rules enforced.
public function actionUpdate($id)
{
$model=$this->loadModel($id);
$oldPassword=$model->password;//Capture the old password.
$model->password='';//Make this empty.else the hashed password appears as string of dots in form field.
if(isset($_POST['User']))
{
$model->attributes=$_POST['User'];
if($model->password=="")
$model->password=$oldPassword;
else $model->password=md5($model->password);//customize the encrypting logic in your own way.You can put some additional salt.
if($model->save())
$this->redirect(array('view','id'=>$model->id));
}
$this->render('update',array(
'model'=>$model,
));
}
Remove it from your input fields in your update view so that it does not show (it will then not be overwritten). You can create a specific view when you need to change the password.
public function actionUpdate($id)
{
$model=$this->loadModel($id);
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if(isset($_POST['User']))
{
$model->attributes=$_POST['User'];
if($model->save(true,array('name','age','sex','email'))) //leave out password attribute.
$this->redirect(array('view','id'=>$model->id));
}
$this->render('update',array(
'model'=>$model,
));
}
or
In Model
public function beforeSave()
{
if(!$this->getIsNewRecord())
unset($this->password);
return parent::beforeSave();
}