I can't login in my just new dev website base on CakePHP 2.5.
I use default identification, with AuthComponent::password, but every time, the function AuthAuthComponent::login return false, even if put right credentials in the form.
AppController.php
public $components = array(
"DebugKit.Toolbar",
"Session",
"Auth" => array(
"loginAction" => array(
"controller" => "users",
"action" => "login"
),
"authError" => "Accès refusé"
)
);
UsersController.php
public function manager_login() {
$this->layout = "manager_login";
// The user tries to connect
if($this->request->is("post")) {
if($this->Auth->login()) {
return $this->redirect("/manager/");
}
}
}
User.php (Model) the beforeSave() function
public function beforeSave($options = array()) {
$this->data["User"]["password"] = AuthComponent::password($this->data["User"]["password"]);
}
manager_login.ctp (the view with the form)
<?php echo $this->form->create("User", array("inputDefaults" => array("div" => false, "label" => false))); ?>
<div class="login-box-header bg-dark-blue">
<h3 class="login-box-title">Administration</h3>
</div>
<div class="login-box-content bg-light-white">
<?php echo $this->form->input("User.username"); ?>
<?php echo $this->form->input("User.password"); ?>
<?php echo $this->form->checkbox("User.remember"); ?>
<?php echo $this->form->label("User.remember", "Se souvenir de moi"); ?>
</div>
<div class="login-box-footer" style="background-color: #fff">
<button type="submit" class="tiny expand">Se connecter</button>
</div>
<?php echo $this->form->end(); ?>
In fact, I think there is a problem with the SQL query because I don't see the WHERE condition in the following query :
SELECT `User`.`id`, `User`.`username`, `User`.`password`, `User`.`email`,
`User`.`avatar`, `User`.`skype`, `User`.`twitter`, `User`.`created`,
`User`.`updated`
FROM `leboncube`.`lbc_users` AS `User`
WHERE `User`.`username` = 'Mike Hell'
LIMIT 1
I hash the passwords on the users registration in the function beforeSave ; I compared the hash generated in the controller with $this->Auth->password and the hash in the database : they are strictly the same.
isAuthorized
method? – arilia$this->form
!=$this->Form
(the latter is what you should use). Mind your casing for developing. – mark