We help IT Professionals succeed at work.

Why is my password field / value not being accurately processed?

Bruce Gust
Bruce Gust asked
on
Here's the counsel I'm attempting to implement:

Here's the counsel that I'm attempting to implement:

One other thing of note. Regardless of whether your password is validated or not, the request will still contain the password field. What this means is that if you don't fill in the password (and it skips the validation part), then your request will be valid, but the input->password will be NULL. You obviously don't want to be inserting that into the database:

$user->password = Hash::make($request->input('password'));

What you should be doing is looking at the validated data, and not the request data. In your controller, add this line:

$validated = $request->validated();

Now the $validated array will only contain data that passed validation. If you skipped validating the password, then it won't exist in that array:

if (isset($validated['password'])) {
    $user->password = Hash::make($validated['password']);
}

Hope that all makes sense. Like I said, quite a few moving parts to this, including some Laravel 'magic'.

When I go to update my user with a new password, this is the Controller that's being utilized:

public function update(UpdateUserRequest $request)
    {
       [b]$validated = $request->validated();[/b]
       $user=User::findOrFail($request->the_id);
	   if($request->input('admin_yes')=="Y") {
			$user->admin=1;
		}
		else {
			$user->admin=0;
		}
		if($request->input('update_pass')==1) { // we're updating the password
			$user->name=$request->input('name');
			$user->email=$request->input('email');
			$user->user_id=$request->input('user_id');
			[b]$user->password = Hash::make($validated('password'));[/b]
			$success='User was successfully updated!';
		}
		else {
			$user->name=$request->input('name');
			$user->email=$request->input('email');
			$user->user_id=$request->input('user_id');
			$success='User was successfully updated!';			
		}
		
		if($user->save()) {
			if($request->input('update_pass')==1) {
				return View::make('/admin/displayUser')
				->with('user', $user)
				->with('newUser', 'Here\'s the user you just edited.')
				->with('passwordChanged', 'yes');		
			}
			else {
				return View::make('/admin/displayUser')
				->with('user', $user)
				->with('newUser', 'Here\'s the user you just edited!');	
			}
		}
    }

Open in new window


Here's my "UpdateUserRequest" file:

<?php

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Factory;

class UpdateUserRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            //
			'name' => 'required | string | max:255',
        ];
    }
	
	
	public function messages()
    {
        return [
            'name.required' => 'name is required!',
			'password.confirmed' => 'make sure both your "password" and your "confirm password" fields match!'
        ];
    }
	
	public function validator(Factory $factory) {
			$validator = $factory->make($this->input(), $this->rules(), $this->messages());
			$validator->sometimes('password', 'required | string | min:8 | confirmed', function($input) {
			return $input->update_pass == "1";
			});

    return $validator;
	}
}

Open in new window


The part in my Controller that I have in bold is the issue because, while my code worked when I used this:

$user->password=$validated['password'];

I got this error: "Array callback has to contain indices 0 and 1" when I used $user->password = Hash::make($validated('password'));

My question is two fold...

First of all, where  $validated = $request->validated(); is that functionality coming from? when I look at my "UpdateUserRequest," I see my rules and I see how I'm adding some additional parameters based on the whether or not my "update_pass" value is true, but where is "$validated" coming from?

Secondly, what does "Array callback has to contain indices 0 and 1" actually mean and how can I fix it?

Thanks!
Comment
Watch Question

Most Valuable Expert 2018
Distinguished Expert 2019
Commented:
Hey Bruce,

The array callback error is because you have a typo in your code. You're trying to call $validated as a function (parenthesis) rather than as an array (square brackets). You have this:

$validated('password')

You should have this:

$validated['password']

As for the $request->validated() functionality. it's a method on the FormRequest class (which your UpdateUserRequest inherits from). THe method returns data from the Validator class.
Bruce GustPHP Developer

Author

Commented:
Awesome!

Got it!