Hi, I’m having some issues to avoid the field contrasena (means p@ssw0rd in spanish) to be full when I’m upd@ting a record on my CRUD, because they could just inspect the element and know other users p@ssw0rd, I want it to be empty, any idea about how to fix it? my _form is attached, thanks!
Do not use contrasena in your _form. Create new propery in your Operador model that will hold the new user pass ( the one that users will enter in update form ).
Example:
In your Operador model create new public property, and create rules for it:
public $newPassword;
public function rules()
{
return [
// other rules
['newPassword', 'string', 'min' => 6],
];
}
I advise you not to make this field required, because user may not want to change password, maybe they only want to change username or email or whatever else u have.
Next inside your update action of your OperadorController you want to check did user changed his password, and in case he did, you want to hash and save it to database.
public function actionUpdate($id)
{
$model = $this->findModel($id);
// other code
if ($model->load(Yii::$app->request->post()))
{
// only if user entered new password we want to hash and save it
if ($model->newPassword)
{
$model->setPassword($model->newPassword);
}
// you may want to redirect them to some other view, just update this code
if ($model->save())
{
return $this->redirect('index');
}
}
return $this->render('update', [
'model' => $model,
]);
}
And now inside your _form, use this $newPassword property instead of contrasena: