Yii-user and md5 and validation code..(captcha)

Hi, everyone,

Has anyone noticed that when you are using Yii-user, if you input a wrong captcha, your "password" field will not disappear; instead, it will be the md5 of your password?

So if you ignore it and click continue, it will be md5(md5(password))…

I need to clear the password field if the user types a wrong captcha…

What should I do?

Any ideas?

Thanks

I don't have that extension,

but I guess that the md5 encryption is done in the afterValidate() function; if so, move it to beforeSave(),

because the afterValidate function is called even when validation has failed.

Thanks for your help…

But I believe my md5 is after validate()…

I am not sure about it, but I think so… Would you please help me have a look? Here is my code:


public function actionRegistration() {
    $model = new RegistrationForm;
    $profile=new Profile;
    $profile->regMode = true;

    // ajax validator
    if(isset($_POST['ajax']) && $_POST['ajax']==='registration-form')
    {
        echo UActiveForm::validate(array($model,$profile));
        Yii::app()->end();
    }

    if (Yii::app()->user->id) {
        $this->redirect(Yii::app()->controller->module->profileUrl);
    } else {
        if(isset($_POST['RegistrationForm'])) {
            $model->attributes=$_POST['RegistrationForm'];
            $profile->attributes=((isset($_POST['Profile'])?$_POST['Profile']:array()));
            if($model->validate()&&$profile->validate())   // this line?
            {
                $soucePassword = $model->password;
                $model->activkey=UserModule::encrypting(microtime().$model->password);
                $model->password=UserModule::encrypting($model->password);
                $model->verifyPassword=UserModule::encrypting($model->verifyPassword);
                $model->createtime=time();
                $model->lastvisit=((Yii::app()->controller->module->loginNotActiv||(Yii::app()->controller->module->activeAfterRegister&&Yii::app()->controller->module->sendActivationMail==false))&&Yii::app()->controller->module->autoLogin)?time():0;
                $model->superuser=0;
                $model->status=((Yii::app()->controller->module->activeAfterRegister)?User::STATUS_ACTIVE:User::STATUS_NOACTIVE);

                if ($model->save()) {
                    $profile->user_id=$model->id;
                    $profile->save();
                    if (Yii::app()->controller->module->sendActivationMail) {
                        $activation_url = $this->createAbsoluteUrl('/user/activation/activation',array("activkey" => $model->activkey, "email" => $model->email));

.....

.....

....

any hints…?

Can you show the whole actionRegistration() function code?


public function actionRegistration() {
    $model = new RegistrationForm;
    $profile=new Profile;
    $profile->regMode = true;

    // ajax validator
    if(isset($_POST['ajax']) && $_POST['ajax']==='registration-form')
    {
        echo UActiveForm::validate(array($model,$profile));
        Yii::app()->end();
    }

    if (Yii::app()->user->id) {
        $this->redirect(Yii::app()->controller->module->profileUrl);
    } else {
        if(isset($_POST['RegistrationForm'])) {
            $model->attributes=$_POST['RegistrationForm'];
            $profile->attributes=((isset($_POST['Profile'])?$_POST['Profile']:array()));
            if($model->validate()&&$profile->validate())
            {
                $soucePassword = $model->password;
                $model->activkey=UserModule::encrypting(microtime().$model->password);
                $model->password=UserModule::encrypting($model->password);
                $model->verifyPassword=UserModule::encrypting($model->verifyPassword);
                $model->createtime=time();
                $model->lastvisit=((Yii::app()->controller->module->loginNotActiv||(Yii::app()->controller->module->activeAfterRegister&&Yii::app()->controller->module->sendActivationMail==false))&&Yii::app()->controller->module->autoLogin)?time():0;
                $model->superuser=0;
                $model->status=((Yii::app()->controller->module->activeAfterRegister)?User::STATUS_ACTIVE:User::STATUS_NOACTIVE);

                if ($model->save()) {
                    $profile->user_id=$model->id;
                    $profile->save();
                    if (Yii::app()->controller->module->sendActivationMail) {
                        $activation_url = $this->createAbsoluteUrl('/user/activation/activation',array("activkey" => $model->activkey, "email" => $model->email));

                        $message = new YiiMailMessage;
                        $message->view = 'registration';

                        //userModel is passed to the view
                        $message->setBody(array('model'=>$model, 'activation_url'=>$activation_url), 'text/html');

                        $message->addTo($model->email);
                        $message->from = Yii::app()->params['adminEmail'];
                        Yii::app()->mail->send($message);
                    }

                    if ((Yii::app()->controller->module->loginNotActiv||(Yii::app()->controller->module->activeAfterRegister&&Yii::app()->controller->module->sendActivationMail==false))&&Yii::app()->controller->module->autoLogin) {
                        $identity=new UserIdentity($model->username,$soucePassword);
                        $identity->authenticate();
                        Yii::app()->user->login($identity,0);
                        $this->redirect(Yii::app()->controller->module->returnUrl);
                    } else {
                        if (!Yii::app()->controller->module->activeAfterRegister&&!Yii::app()->controller->module->sendActivationMail) {
                            Yii::app()->user->setFlash('registration',UserModule::t("Thank you for your registration. Contact Admin to activate your account."));
                        } elseif(Yii::app()->controller->module->activeAfterRegister&&Yii::app()->controller->module->sendActivationMail==false) {
                            Yii::app()->user->setFlash('registration',UserModule::t("Thank you for your registration. Please {{login}}.",array('{{login}}'=>CHtml::link(UserModule::t('Login'),Yii::app()->controller->module->loginUrl))));
                        } elseif(Yii::app()->controller->module->loginNotActiv) {
                            Yii::app()->user->setFlash('registration',UserModule::t("Thank you for your registration. Please check your email or login."));
                        } else {
                            Yii::app()->user->setFlash('registration',UserModule::t("Thank you for your registration. Please check your email."));
                        }
                        $this->refresh();
                    }
                }
            } else $profile->validate();
        }
        $this->render('/user/registration',array('model'=>$model,'profile'=>$profile));
    }
}



It’s super long… I use yii-mail to send activation email to the user here.

Thanks so much for your help!!!!

anyone else using yii-user?

any ideas…?

Hi,

I just tried your Use Case: I don’t have this problem. Password field still contains clear password after failed form validation (wrong captcha).

JM.

Hi, do you mean your password field will be automatically cleared?

Would you please post some code… (Especially your login controller…)

Thanks in advance.

Hi,

I mean: the password field still contains the password as I entered it (unencrypted).

My registration controller and form are afaik still in the version of the yii-user extension.

Maybe an idea: is your page performing ajax validation? If yes, I guess data gets validated before being sent to the registration controller, and thus the password is not encrypted. If not, data gets encrypted, sent, and rejected.

When you are on your registration page, can you have a look at the HTML source, and check whether such a line is present at the bottom:




$('#registration-form').yiiactiveform({'attributes':[{'inputID':'RegistrationForm_username','errorID':'RegistrationForm_username_em_'},{'inputID':'RegistrationForm_password','errorID':'RegistrationForm_password_em_'},{'inputID':'RegistrationForm_verifyPassword','errorID':'RegistrationForm_verifyPassword_em_'},{'inputID':'RegistrationForm_email','errorID':'RegistrationForm_email_em_'},{'inputID':'Profile_first_name','errorID':'Profile_first_name_em_'},{'inputID':'Profile_last_name','errorID':'Profile_last_name_em_'},{'inputID':'Profile_birthdate','errorID':'Profile_birthdate_em_'}],'summaryID':'registration-form_es_'}); });



(My guess: this would do the ajax validation)

Jean-Marie.

problem solved…

Although I don’t know how…

It just starts to work…

Thanks anyway.

:slight_smile:
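
The failure mode discussed in this thread, as an added example that is not part of the original posts and is not yii-user code: when a form model's password attribute is overwritten with its hash and a later step fails, the re-rendered field carries the hash and the next submit stores md5(md5(password)). `RegForm`, `submitInPlace`, `submitSafely` and the `$saveOk` flag are hypothetical stand-ins, and the hardened side swaps md5 for PHP's built-in `password_hash()`.

```php
<?php
// Constructed stand-in for a registration form model (not yii-user code).
class RegForm {
    public $password = '';
    public $verifyPassword = '';
    public $captchaOk = false;
    public function validate() {
        return $this->captchaOk && $this->password !== ''
            && $this->password === $this->verifyPassword;
    }
}

// Thread's pattern: hash in place; $saveOk (hypothetical) simulates a later step.
function submitInPlace(RegForm $form, $saveOk) {
    if ($form->validate()) {
        $form->password = md5($form->password);
        $form->verifyPassword = md5($form->verifyPassword);
        if ($saveOk) {
            return array('stored' => $form->password, 'field' => null);
        }
    }
    // The form is re-rendered with whatever the model holds now.
    return array('stored' => null, 'field' => $form->password);
}

// Hardened: hash into a local variable and blank both fields before re-render.
function submitSafely(RegForm $form, $saveOk) {
    $stored = null;
    if ($form->validate() && $saveOk) {
        $stored = password_hash($form->password, PASSWORD_DEFAULT);
    }
    $form->password = $form->verifyPassword = '';
    return array('stored' => $stored, 'field' => $form->password);
}

$form = new RegForm;
$form->captchaOk = true;
$form->password = $form->verifyPassword = 's3cret'; // constructed sample input
submitInPlace($form, false);           // later step fails; field now holds the hash
$second = submitInPlace($form, true);  // user clicks continue without retyping
var_dump($second['stored'] === md5(md5('s3cret')));

$safe = new RegForm;
$safe->captchaOk = true;
$safe->password = $safe->verifyPassword = 's3cret';
$first = submitSafely($safe, false);   // field comes back empty
$safe->password = $safe->verifyPassword = 's3cret'; // user retypes
$ok = submitSafely($safe, true);
var_dump($first['field'] === '', password_verify('s3cret', $ok['stored']));
```

In the controller posted above, the equivalent of the blanking step is clearing `$model->password` and `$model->verifyPassword` just before `$this->render(...)`.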