CakePHP MD5とCakeセッション文字列

$ emailtoken = md5($ user ['User'] ['password']。CAKE_SESSION_STRING);

As it gives the following error: Use of undefined constant CAKE_SESSION_STRING - assumed 'CAKE_SESSION_STRING'

それでもトークンは作成されますが、そのエラーが表示され、トークンを使用しているときは無効です:/

完全な関数は次のとおりです。

        function admin_resetpassword ( $token = null )
        {
           //User submits their email address
            if (!empty($this->data['User']['email']))
            { 
               //user submitted initial form 
                $user = $this->User->findByEmail($this->data['User']['email']); 
                if (empty($user))
                { 
                    $this->Session->setFlash('Unknown email.'); 
                    return;  
                }
                else
                { 
                    $emailtoken = md5($user['User']['password'].CAKE_SESSION_STRING); 
                   //send email (temp flash to test code) 
                    $this->Session->setFlash($emailtoken); 
                    return; 
                } 
            }
// If the token is not empty on the url
        if (!empty($token))
        { 
            $user = $this->User->find(array("MD5(User.password + '".CAKE_SESSION_STRING."')"=>$token));

            if (empty($user))
            { 
                $this->Session->setFlash('Invalid token.'); 
                return; 
            } 

            if (!empty($this->data['User']['password']))
            { 
                $user['User']['password'] = $this->data['User']['password']; 
                $this->user->save($user); 
                $this->Session->setFlash('New password set.'); 
                $this->redirect('/'); 
            } 

            $this->set('token', $token); 
            $this->render('newpassword2'); 
        } 


    }
0

1 答え

the problem is CAKE_SESSION_STRING is not defined (as stated in the error). If you want to get the salt or cipherSeed, use Configure::read('Security.salt'); or $this-Session->id; But you know this session id is lost after certain inactivity period, right? You won't be able to get that session id back later on (unless you save it somewhere).

0
追加された
PHP - 日本のコミュニティ [ja]
PHP - 日本のコミュニティ [ja]
4 参加者の

このグループではPHPについて話します。 パートナー:kotaeta.com