We help IT Professionals succeed at work.
Get Started

Why is my password field / value not being accurately processed?

Bruce Gust
Bruce Gust asked
on
108 Views
Last Modified: 2020-01-31
Here's the counsel I'm attempting to implement:

Here's the counsel that I'm attempting to implement:

One other thing of note. Regardless of whether your password is validated or not, the request will still contain the password field. What this means is that if you don't fill in the password (and it skips the validation part), then your request will be valid, but the input->password will be NULL. You obviously don't want to be inserting that into the database:

$user->password = Hash::make($request->input('password'));

What you should be doing is looking at the validated data, and not the request data. In your controller, add this line:

$validated = $request->validated();

Now the $validated array will only contain data that passed validation. If you skipped validating the password, then it won't exist in that array:

if (isset($validated['password'])) {
    $user->password = Hash::make($validated['password']);
}

Hope that all makes sense. Like I said, quite a few moving parts to this, including some Laravel 'magic'.

When I go to update my user with a new password, this is the Controller that's being utilized:

public function update(UpdateUserRequest $request)
    {
       [b]$validated = $request->validated();[/b]
       $user=User::findOrFail($request->the_id);
	   if($request->input('admin_yes')=="Y") {
			$user->admin=1;
		}
		else {
			$user->admin=0;
		}
		if($request->input('update_pass')==1) { // we're updating the password
			$user->name=$request->input('name');
			$user->email=$request->input('email');
			$user->user_id=$request->input('user_id');
			[b]$user->password = Hash::make($validated('password'));[/b]
			$success='User was successfully updated!';
		}
		else {
			$user->name=$request->input('name');
			$user->email=$request->input('email');
			$user->user_id=$request->input('user_id');
			$success='User was successfully updated!';			
		}
		
		if($user->save()) {
			if($request->input('update_pass')==1) {
				return View::make('/admin/displayUser')
				->with('user', $user)
				->with('newUser', 'Here\'s the user you just edited.')
				->with('passwordChanged', 'yes');		
			}
			else {
				return View::make('/admin/displayUser')
				->with('user', $user)
				->with('newUser', 'Here\'s the user you just edited!');	
			}
		}
    }

Open in new window


Here's my "UpdateUserRequest" file:

<?php

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Factory;

class UpdateUserRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            //
			'name' => 'required | string | max:255',
        ];
    }
	
	
	public function messages()
    {
        return [
            'name.required' => 'name is required!',
			'password.confirmed' => 'make sure both your "password" and your "confirm password" fields match!'
        ];
    }
	
	public function validator(Factory $factory) {
			$validator = $factory->make($this->input(), $this->rules(), $this->messages());
			$validator->sometimes('password', 'required | string | min:8 | confirmed', function($input) {
			return $input->update_pass == "1";
			});

    return $validator;
	}
}

Open in new window


The part in my Controller that I have in bold is the issue because, while my code worked when I used this:

$user->password=$validated['password'];

I got this error: "Array callback has to contain indices 0 and 1" when I used $user->password = Hash::make($validated('password'));

My question is two fold...

First of all, where  $validated = $request->validated(); is that functionality coming from? when I look at my "UpdateUserRequest," I see my rules and I see how I'm adding some additional parameters based on the whether or not my "update_pass" value is true, but where is "$validated" coming from?

Secondly, what does "Array callback has to contain indices 0 and 1" actually mean and how can I fix it?

Thanks!
Comment
Watch Question
CERTIFIED EXPERT
Most Valuable Expert 2020
Most Valuable Expert 2018
Commented:
This problem has been solved!
Unlock 1 Answer and 2 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant

An Experts Exchange subscription includes unlimited access to online courses.

Get Started
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE