Yii用戶註冊返回散列密碼給用戶一個錯誤？

Question

嗨我正在與數據庫進行身份驗證我有問題，如果電子郵件地址的格式不正確，同一頁面會返回給頁面上有錯誤的用戶。問題是密碼仍然被散列並被添加到返回的表單中。

我控制器:: actionRegister（）：

$model = new User('register'); 
     if (isset($_POST['User'])) 
     { 
      $model->attributes = $_POST['User']; 
      $model->password = crypt($model->password, $model->blowfishSalt()); 
      if ($model->save()) 
      { 
       $this->redirect(Yii::app()->user->returnUrl); 
      } 
     } 
     $this->render('register', array('model'=>$model)); 

我的觀點：register.php

<div class="row"> 
     <?php echo $form->labelEx($model,'email'); ?> 
     <?php echo $form->textField($model,'email'); ?> 
     <?php echo $form->error($model,'email'); ?> 
    </div> 

    <div class="row"> 
     <?php echo $form->labelEx($model,'password'); ?> 
     <?php echo $form->passwordField($model,'password'); ?> 
     <?php echo $form->error($model,'password'); ?> 
    </div> 


    <div class="row buttons"> 
     <?php echo CHtml::submitButton('Submit'); ?> 
    </div> 

我怎樣才能確保使用 '註冊' 情景密碼不會返回表單和/或密碼不會被散列，直到所有其他錯誤消失。由於散列需要一些時間？

Answer 1

lysenkobv的評論是正確的，或者你可以改變你的代碼，這一點，使用驗證，不直到修改密碼驗證後：

if (isset($_POST['User'])) 
    { 
     $model->attributes = $_POST['User']; 
     if ($model->validate()) 
     { 
      $model->password = crypt($model->password, $model->blowfishSalt()); 
      $model->save(); 
      $this->redirect(Yii::app()->user->returnUrl); 
     } else { 
      //if you want password to clear so they have to retype it 
      $model->password = null; 
     } 
    } 

Answer 2

$model = new User('register'); 
    if (isset($_POST['User'])) 
    { 
     $model->attributes = $_POST['User']; 
     $password = $model->password; 
     $model->password = crypt($model->password, $model->blowfishSalt()); 
     if ($model->save()) 
     { 
      $this->redirect(Yii::app()->user->returnUrl); 
     } 
     else { 
      $model->password = $password; 
     } 
    } 
    $this->render('register', array('model'=>$model));