How to save a record if I dont want all fields saved?

Question

How to save a record if I dont want all fields saved?

kisb2 Oct '15

Created Oct '15	Last Reply Nov '15	Replies 5	Views 595	Votes 0

kisb2 28.2k

Oct '15

I have an user table: id, username, password. Password is md5 encoded. So lets say I want to modify the username. I findFirst(id) the record, make the modification, and save. The md5 encoding run in "beforeSave". If I do it like that, it will always reencode the password. If I set 'null' for password, it will fail with "password is required" as it cant be null.

Izo · Answer 1 · 2015-10-22T04:48:26-07:00

you have to remove your pass encoding from beforeSave, just do it when you are creating a user


$record = new \MyApp\Models\User();
$record->name  = $name;
$recod->pass = md5($pass);

//if it is possible stop using md5, in controller : $this->security->hash($password); ... more information you can see here https://php.net/manual/en/function.password-hash.php

kisb2 · Answer 2 · 2015-10-22T05:00:59-07:00

it would be too easy like that, and in addition new record can be created by 1000 places, and its easy to miss the md5 encoding

you have to remove your pass encoding from beforeSave, just do it when you are creating a user
$record = new \MyApp\Models\User();
$record->name  = $name;
$recod->pass = md5($pass);
//if it is possible stop using md5, in controller : $this->security->hash($password); ... more information you can see here https://php.net/manual/en/function.password-hash.php

Izo · Answer 3 · 2015-10-22T05:35:23-07:00


class users {

    public static function createUser($data, $pass){

        $user = new \MyApp\Models\Users($data);

        $user->password = md5($pass);

        if ($user->save() === false){
            return $user->getMessages();
        }

        return true;
    }
}

$check = users::createUser(['name' => 'koko', 'age' => 16], 'mypass');

if ($check !== true){
    foreach ($check AS $message){
        // display error messages
    }
}

or you can move the messages logic inside the function, depens of how do you structure your app

Izo · Answer 4 · 2015-10-22T05:43:09-07:00

mmm nope, got it


function beforeSave(){
    if ($this->id == null){
        $tthis->password = md5($passowrd);
    }
}

or use beforeCreate

https://docs.phalcon.io/en/latest/reference/models.html

Zach · Answer 5 · 2015-10-22T08:21:56-07:00

As an aside... md5 is easily cracked. Why are you not using the security password hashing built into Phalcon?

Valdas Barakauskas · Answer 6 · 2015-11-05T14:14:30-07:00

The best way to prevent the problem when you have blank password ow you wish it updated only when its set


class Users extends Model
{

    public function setPassword($password = null)
    {
        if (!$password) {
            $this->skipAttributes(array('password'));
        } else {
            $this->password = $password;
        }
    }

    public function beforeSave()
    {
        $this->password = sha1($this->password);
    }

}

in this case when form sets password as blank, becouse it's not changed model set it to be skipped ;) or you can add this skip in initialize and when it's set remove it from skip