Zend Form old password verification


How can I check if a specific record exists with Zend_Validate_Db_RecordExists?

Here is my code. I want to match the old password before the user changes it:

$oldpassexist = new Zend_Validate_Db_RecordExists(array(
    'table' => 'user',
    'field' => 'password',
    /** check if password matches
     *  WHERE user_id = Auth::getuser()->id AND password = md5(THIS FIELD ENTRY)
     */
));

There are 2 answers

2
Michael Osl On BEST ANSWER

Adding another where clause is pretty easy. Zend_Validate_Db_RecordExists allows you to modify the Zend_Db_Select object that it uses internally. So you could write:

$oldpassexist = new Zend_Validate_Db_RecordExists(array(
    'table' => 'user',
    'field' => 'password',
));

// reset the where clause used by Zend_Validate_Db_RecordExists
$oldpassexist->getSelect()->reset('where');

// set user_id and password. :value is a named parameter that will be 
// substituted by the value passed to the isValid method
$oldpassexist->getSelect()->where('user_id = ?', Auth::getuser()->id);
$oldpassexist->getSelect()->where('password = MD5(:value)');

This will query both the MD5-hashed password and the user_id field. However, I think this solution is not really elegant. I would probably write my own validator for this. In any case, you should write thorough test cases to detect if the behavior of Zend_Validate_Db_RecordExists changes one day.
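One way to write the dedicated validator suggested above, as an added example that is not part of the original answer or of Zend Framework: it loads the stored hash for the logged-in user and checks it with password_verify() instead of comparing MD5 digests in SQL. The class name My_Validate_CurrentPassword, its constructor arguments, and the assumption that user.password holds password_hash() output (PHP 5.5+) are hypothetical.

```php
<?php
/**
 * Hypothetical validator (class name and constructor are assumptions).
 * Assumes user.password stores a password_hash() value, not a bare MD5 digest.
 */
class My_Validate_CurrentPassword extends Zend_Validate_Abstract
{
    const NOT_MATCH = 'currentPasswordNotMatch';

    // The template deliberately omits %value% so the submitted password
    // is never echoed back in an error message.
    protected $_messageTemplates = array(
        self::NOT_MATCH => 'The current password is incorrect',
    );

    /** @var Zend_Db_Adapter_Abstract */
    protected $_db;

    /** @var int */
    protected $_userId;

    public function __construct(Zend_Db_Adapter_Abstract $db, $userId)
    {
        $this->_db     = $db;
        $this->_userId = (int) $userId;
    }

    public function isValid($value)
    {
        $this->_setValue((string) $value);

        // Select the hash of this user only; the id is quoted by the adapter,
        // and the submitted password never becomes part of the SQL.
        $select = $this->_db->select()
            ->from('user', array('password'))
            ->where('user_id = ?', $this->_userId);
        $hash = $this->_db->fetchOne($select); // false when no row matches

        // password_verify() reuses the salt and cost embedded in $hash and
        // compares in constant time; a missing row fails the same way.
        if (!is_string($hash) || !password_verify((string) $value, $hash)) {
            $this->_error(self::NOT_MATCH);
            return false;
        }
        return true;
    }
}

// Usage on the form element holding the old password ($db is the default adapter):
// $element->addValidator(new My_Validate_CurrentPassword($db, Auth::getuser()->id));
```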

1
Gerald On