更新时绕过 cakePHP 验证

Question

我有一个配置文件页面，当用户尝试更新他们的页面配置文件时，输入未根据验证规则进行验证，它仍然继续保存（或至少输出成功消息）但没有数据然后存储，它恢复到原始值。只有当验证规则通过时，它才会存储值。

我不确定如何解决此问题，因为我的验证规则看起来正确。有什么想法吗？

验证规则

 public $validate = array(
    "username" => array(
        "email" => array(
            "rule" => "email",
            "message" => "The username must be a valid email address."
        ),
        "unique" => array(
            "rule" => "isUnique",
            "message" => "This username has already been registered."
        )
    ),
    "password" => array(
        "alphaNumeric" => array(
            "rule" => "alphaNumeric",
            "message" => "The password can only contain alpha-numeric characters"
        ),
        "between" => array(
            "rule" => array("between",8,12),
            "message" => "The password must contain between 8 - 12 characters."
        )
    ),
    "company" => array(
        "rule" => "notEmpty",
        "message" => "Please provide a company name"
    ),
    "first_name" => array(
        "rule" => "notEmpty",
        "message" => "Please provide the contact person's first name"
    ),
    "last_name" => array(
        "rule" => "notEmpty",
        "message" => "Please provide the contact person's last name"
    ),
    "telephone" => array(
        "numeric" => array(
            "rule" => "numeric",
            "message" => "The telephone number must be numeric"
        ),
        "maxLength" => array(
            "rule" => array("maxLength",10),
            "message" => "Your telephone umber must be 10 numbers."
        ) 
    ),
    "fax" => array(
        "numeric" => array(
            "rule" => "numeric",
            "message" => "The fax number must be numeric"
        ),
        "maxLength" => array(
            "rule" => array("maxLength",10),
            "message" => "Your fax umber must be 10 numbers."
        )
    ),
    "user_type_id" => array(
        "rule" => "numeric",
        "message" => "Please select a user type"
    ),
    "user_status_id" => array(
        "rule" => "numeric",
        "message" => "Please select the users status."
    )
);

控制器方法：

 public function profile() {
    if($this->request->is('post') || $this->request->is('put')) {
        if($this->Auth->user("id") == $this->request->data['User']['id']) {
            $this->User->save($this->request->data);
            $this->Session->setFlash('Your profile has been updated','default',array('class'=>'success'));
        } else {
            $this->Session->setFlash("An error has occured updating your profile.");
        }
    }
    $this->request->data = $this->User->read(null,$this->Auth->user("id"));
}

Answer 1

您的验证可能工作正常。我认为问题是由于以下逻辑：

if($this->Auth->user("id") == $this->request->data['User']['id']) {
    $this->User->save($this->request->data);
    $this->Session->setFlash('Your profile has been updated','default',array('class'=>'success'));
} else {
    $this->Session->setFlash("An error has occured updating your profile.");
}

if 语句只检查当前登录的用户 id 是否与表单中提交的用户 id 匹配。如果 id 匹配，它会尝试保存记录。然后它将执行之后的行。

因此，无论保存调用是否有效，它仍然会移动到下一行，$this->Session->setFlash('Your profile has been updated','default',array('class'=>'success'));。这就是为什么它说个人资料每次都更新了。

你可能想要类似的东西：

if($this->Auth->user("id") == $this->request->data['User']['id']) {
    if ($this->User->save($this->request->data)) {
        $this->Session->setFlash('Your profile has been updated','default',array('class'=>'success'));
    } else {
        $this->Session->setFlash("An error has occured updating your profile.");
    }
} else {
    this->Session->setFlash("This is not your profile.");
}

Answer 2

问题在于您的 if 块。你身边没有$this->User->save($this->request->data);

所以你需要

if ($this->User->save($this->request->data)) {
    // set good flash
} else {
    // else set bad flash
}

然后，当 Auth->user('id') 不等于发布数据时，您将需要一个（或者如果您只想提供通用消息，则将两者合并为 1 if 语句） .