troubleshooting Question

Why is my password field / value not being accurately processed?

Avatar of Bruce Gust
Bruce GustFlag for United States of America asked on
LaravelPHP
2 Comments1 Solution117 ViewsLast Modified:
Here's the counsel I'm attempting to implement:

Here's the counsel that I'm attempting to implement:

One other thing of note. Regardless of whether your password is validated or not, the request will still contain the password field. What this means is that if you don't fill in the password (and it skips the validation part), then your request will be valid, but the input->password will be NULL. You obviously don't want to be inserting that into the database:

$user->password = Hash::make($request->input('password'));

What you should be doing is looking at the validated data, and not the request data. In your controller, add this line:

$validated = $request->validated();

Now the $validated array will only contain data that passed validation. If you skipped validating the password, then it won't exist in that array:

if (isset($validated['password'])) {
    $user->password = Hash::make($validated['password']);
}

Hope that all makes sense. Like I said, quite a few moving parts to this, including some Laravel 'magic'.

When I go to update my user with a new password, this is the Controller that's being utilized:

public function update(UpdateUserRequest $request)
    {
       [b]$validated = $request->validated();[/b]
       $user=User::findOrFail($request->the_id);
	   if($request->input('admin_yes')=="Y") {
			$user->admin=1;
		}
		else {
			$user->admin=0;
		}
		if($request->input('update_pass')==1) { // we're updating the password
			$user->name=$request->input('name');
			$user->email=$request->input('email');
			$user->user_id=$request->input('user_id');
			[b]$user->password = Hash::make($validated('password'));[/b]
			$success='User was successfully updated!';
		}
		else {
			$user->name=$request->input('name');
			$user->email=$request->input('email');
			$user->user_id=$request->input('user_id');
			$success='User was successfully updated!';			
		}
		
		if($user->save()) {
			if($request->input('update_pass')==1) {
				return View::make('/admin/displayUser')
				->with('user', $user)
				->with('newUser', 'Here\'s the user you just edited.')
				->with('passwordChanged', 'yes');		
			}
			else {
				return View::make('/admin/displayUser')
				->with('user', $user)
				->with('newUser', 'Here\'s the user you just edited!');	
			}
		}
    }

Here's my "UpdateUserRequest" file:

<?php

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Factory;

class UpdateUserRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            //
			'name' => 'required | string | max:255',
        ];
    }
	
	
	public function messages()
    {
        return [
            'name.required' => 'name is required!',
			'password.confirmed' => 'make sure both your "password" and your "confirm password" fields match!'
        ];
    }
	
	public function validator(Factory $factory) {
			$validator = $factory->make($this->input(), $this->rules(), $this->messages());
			$validator->sometimes('password', 'required | string | min:8 | confirmed', function($input) {
			return $input->update_pass == "1";
			});

    return $validator;
	}
}

The part in my Controller that I have in bold is the issue because, while my code worked when I used this:

$user->password=$validated['password'];

I got this error: "Array callback has to contain indices 0 and 1" when I used $user->password = Hash::make($validated('password'));

My question is two fold...

First of all, where  $validated = $request->validated(); is that functionality coming from? when I look at my "UpdateUserRequest," I see my rules and I see how I'm adding some additional parameters based on the whether or not my "update_pass" value is true, but where is "$validated" coming from?

Secondly, what does "Array callback has to contain indices 0 and 1" actually mean and how can I fix it?

Thanks!
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros