How can I prevent to fetch a field like password from model ?
A way to do that is to override the afterFind() method of the Model like that
function afterFind(){
$this->password =null;
parent::afterFind();
}
Everything workd fine, all the views not display this field but I cannot get the password (because set null) to Identify the user on login action. (UserIdentity)
I don’t want just to remove the code in view files but I want to prevent from Model to give the value of password.
Also I want a robust way (without trick) to do that
public function actionUpdate($id)
{
$model=$this->loadModel($id);
$oldPassword=$model->password;//Capture the old password.
$model->password='';//Make this empty.else the hashed password appears as string of dots in form field.
if(isset($_POST['User']))
{
$model->attributes=$_POST['User'];
if($model->password=="")
$model->password=$oldPassword;
else $model->password=md5($model->password);//customize the encrypting logic in your own way.You can put some additional salt.
if($model->save())
$this->redirect(array('view','id'=>$model->id));
}
$this->render('update',array(
'model'=>$model,
));
}