[Solved] User Password Update

I am trying to add validation error reporting to a password update form. The user should enter their old password, a new password and the new password a second time to verify.

Here is the controller action I made so far (it works just fine):

    public function actionPassword($id) {
        $user = app()->user->getUser();
        if (isset($user->user_id) && $user->user_id === $id) {
            $model = $this->loadModel($id);
            $model->setScenario('changePassword');
            if(isset($_POST['User'])){
                $model->attributes = $_POST['User'];
                if($model->validate()){
                    if(sha1($model->salt.$_POST['User']['old_password'])===$model->password) {
                        $model->password = sha1($model->salt.$_POST['User']['pass1']);
                        if($model->save()){
                            app()->user->setFlash('success', 'Saved new password!');
                        }
                    }
                }
            }

            $this->render('/user/password', array('model' => $model));
        } else {
            // access denied for this user
            throw new CHttpException(403, 'Access Denied.');
        }
    }

My only model validation rules for this scenario are:

    array('old_password, pass1, pass2', 'required', 'on' => 'changePassword'),
    array('pass2', 'compare', 'compareAttribute' => 'pass1', 'on' => 'changePassword'),

How can I make the old_password form field take the error class if the old password does not match the hashed password currently in the database? For now I just have an if statement with the sha1() as argument, but if they don’t match, the user doesn’t get alerted to this.

Add a custom validation rule:

    array('old_password', 'checkOldPassword', 'on' => 'changePassword'),

    public function checkOldPassword($attribute, $params)
    {
        if (sha1($this->salt . $this->old_password) !== $this->password)
            $this->addError('old_password', 'Your old password was incorrect.');
    }
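
A hardened variant of the validator above, as an added example that is not part of the original answer or the poster's project: it checks the legacy salted SHA-1 digest with hash_equals() and stores the new password with password_hash(). The stand-in User class, applyNewPassword() and the sample values are assumptions, as is a password column wide enough for password_hash() output (PHP 5.6 or later).

```php
<?php
// Stand-in for the Yii User model (assumption) so the validator runs on its own.
class User
{
    public $salt, $password, $old_password, $pass1, $errors = array();
    public function addError($attribute, $message)
    {
        $this->errors[$attribute][] = $message;
    }

    // Accepts a password_hash() value, or the legacy sha1(salt . password) digest in constant time.
    private function matchesStored($plain)
    {
        $info = password_get_info($this->password);
        if (!empty($info['algo'])) {
            return password_verify($plain, $this->password);
        }
        return hash_equals((string) $this->password, sha1($this->salt . $plain));
    }

    public function checkOldPassword($attribute, $params)
    {
        // The 'required' rule already reports an empty field; skip a second error.
        if ((string) $this->$attribute === '') {
            return;
        }
        if (!$this->matchesStored($this->$attribute)) {
            $this->addError($attribute, 'Your old password was incorrect.');
        }
    }

    // Call only after validate() succeeds: store the new password with password_hash().
    public function applyNewPassword()
    {
        $this->password = password_hash($this->pass1, PASSWORD_DEFAULT);
    }
}
// Constructed sample account stored with the legacy scheme from the question.
$u = new User();
$u->salt = 'constructed-salt';
$u->password = sha1($u->salt . 'old-secret');
$u->pass1 = 'new-secret';
foreach (array('wrong-guess', 'old-secret', 'new-secret') as $try) {
    $u->errors = array();
    $u->old_password = $try;
    $u->checkOldPassword('old_password', array());
    echo $try, ': ', $u->errors ? 'rejected' : 'accepted', PHP_EOL;
    if (!$u->errors) { $u->applyNewPassword(); }
}
```

With the check inside the model rule, the sha1() comparison in the controller action becomes redundant, since validate() already fails on a wrong old password.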