CakePHP’s Auth Component – validation

The registration form for new users follows validation rules. All the inputs are required. The username must be unique and its length must be between 3 and 15 characters.
[Image: validation_codes1]

If a user or admin chooses a username that has already been taken, the user account will not be created and the following error will be displayed:
[Image: validation_unique]

If a user or admin types a username that is shorter than 3 or longer than 15 characters, the user account will not be created and the following error will be displayed:
[Image: validation_length]

The password field and the confirmed password field must match. The rule ‘matchPassword’ is not a CakePHP rule, since CakePHP does not have a rule to compare fields.
The public function ‘matchPassword’ takes one argument – data. The function checks whether the password field value matches the confirmed password field value. If the fields are equal, the function returns true. If the fields are not equal, the password confirmation field is invalidated, the error message is displayed and the function returns false.

[Image: validation_codes2]

If a user or admin types a password and a confirmed password that do not match, the user account will not be created and the following errors will be displayed:
[Image: validation_psswd_match]

Note in the previous screens that the password and password confirmation fields are hashed. The public function beforeSave() hashes passwords before they are stored in the database:
[Image: hash]

CakePHP’s Auth Component – edit/delete user’s profile

A user can edit or delete only his or her own profile. An admin can edit or delete other users’ profiles. The public function isAuthorized compares the logged-in user’s id with the user id from the URL. If the ids match, the edit and delete buttons work; otherwise they do not. It also checks whether the user’s role is ‘admin’.
[Image: user_edit_code1]

Moreover, the edit/delete buttons associated with other users are hidden in the users view:
[Image: user_edit_code2]

The users view with hidden edit/delete buttons:
[Image: user_edit1]

If a user tries to bypass the isAuthorized function and the hidden edit/delete buttons by typing the edit user URL with someone else’s id, e.g.:
http://pict.uws.ac.uk/~sss04/cakephp/users/edit/13 (user fred, id=14, is typing wilma’s id=13)
the error message ‘You can’t access that page’ appears:
[Image: user_edit2]
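
The ownership check described above, as an added example that is not the post's own code (the original was shown only as a screenshot). It is plain PHP so that it runs from the command line; the function name mayModifyProfile, the 'id' and 'role' keys of the user array, and the admin's id are assumptions.

```php
<?php
// Added example, not the post's code. mayModifyProfile() is a hypothetical
// name; the 'id' and 'role' keys of the user array are assumed.
// In a CakePHP 2.x controller the id typed into the URL is the first
// passed argument, $this->request->params['pass'][0].

function mayModifyProfile(array $authUser, array $passedArgs)
{
    // Admins may edit or delete any profile.
    if (isset($authUser['role']) && $authUser['role'] === 'admin') {
        return true;
    }
    // No id in the URL, or something that is not a scalar: deny.
    if (!isset($passedArgs[0]) || !is_scalar($passedArgs[0])) {
        return false;
    }
    // Accept digits only, so "14abc" or "14.0" is never loosely equal to 14.
    $requested = (string) $passedArgs[0];
    if (!ctype_digit($requested)) {
        return false;
    }
    // URL segments are strings and session ids may be ints: compare as ints.
    return isset($authUser['id']) && (int) $requested === (int) $authUser['id'];
}

// Constructed users following the post's scenario (fred id=14, wilma id=13).
$fred  = array('id' => 14, 'username' => 'fred', 'role' => 'user');
$admin = array('id' => 1, 'username' => 'admin', 'role' => 'admin'); // id assumed

$cases = array(
    array($fred, array('14'), true),     // own profile
    array($fred, array('13'), false),    // wilma's id typed into the URL
    array($fred, array(), false),        // no id in the URL
    array($fred, array('14abc'), false), // not a clean integer
    array($admin, array('13'), true),    // admin edits another user
);
foreach ($cases as $case) {
    list($user, $args, $expected) = $case;
    $allowed = mayModifyProfile($user, $args);
    printf("%-5s %-9s %-5s %s\n", $user['username'], json_encode($args),
        $allowed ? 'allow' : 'deny', $allowed === $expected ? 'ok' : 'MISMATCH');
}
```

The decision is made on the server from the session user and the URL argument, so it holds whether or not the edit/delete buttons are hidden in the view.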

Drop Down List for ENUM – Revision

To create FormEnum, the first file that has to be modified is UsersController.php:
[Image: enum1]

After that, the user add.ctp file was altered:
[Image: enum2]

Unfortunately, refreshing the user add page returns an error:
[Image: enym3]

In order to fix this error, the FormEnumHelper.php helper has to be added to app/View/Helper.
Once this file has been added to the appropriate folder on the server, the admin can see the drop-down menu for user roles:
[Image: enum4]

To display a disabled drop-down list for non-admin users, the following else statement was added to the already existing if statement (in the add.ctp and edit.ctp files):
[Image: enum5]

New users now see a disabled role field during the registration process:

[Image: enum6]

Existing non-admin users also see the disabled role on the edit user profile page:
[Image: enum7]