Common CakePHP problems and solutions

Some questions are asked more often than others. The following I have read a thousand times. Maybe it’s time for some of those to be answered in detail.

Editing own account/profile

If you want users to allow editing their own profile you usually dont want to add the user_id to the url.
Just a simple domain.com/users/edit/.
You also want to make sure that they can only edit their own account.

Prior to Cake 2.0 (where a post finally defaults to the same url) you need to manually alter the create() method of the edit form:

<?php echo $this->Form->create('User', array('url' => '/' . $this->params['url']['url'])); ?>

This way the form doesn’t add the user_id to the url after the post.

public function edit() {
    $uid = $this->Session->read('Auth.User.id');
    if (!empty($this->data)) {
        $this->data['User']['id'] = $uid;
        if ($this->User->save($this->data, true, array('email', 'first_name', 'last_name', 'id', ...))) {
            // if you rely on auth session data from the user, make sure to update that here
            $this->Session->write('Auth.User.email', $this->data['User']['email']); // etc
            ...
            // OK, redirect
        } else {
            // ERROR
        }
    } else {
        $this->data = $this->User->get($uid); // this is my shortcut method - use find(first)
    }
}

Using the AuthComponent the action itself cannot be accessed by guests. And logged in users have their Session Auth.User.id and can therefore access and edit only their own account. If you don’t use the Security Component you should pass along all allowed fields as third parameter to ensure that nobody can temper with your form.

I also recommend using my behavior for editing passwords in this action. It covers the issue at a central place in code without creating more overhead as absolutely necessary.

Display only the user’s own posts

Paginated:

$this->paginate = array(
    'contain' => array('User'),
    'conditions' => array('Post.user_id' => $this->Session->read('Auth.User.id'))
);
$posts = $this->paginate();

Normal find(all):

$options = array(
    'conditions' => array('Post.user_id' => $this->Session->read('Auth.User.id')
);
$posts = $this->Post->find('all', $options);

Those code examples are from the controller action.

Default Values for forms via link

Disclaimer: Updated to 2.x syntax

When using links use query strings to set default values for forms:

// In your view ctp
$this->Html->link('Add event to this user', 
    array('action' => add, '?' => array('user_id' => $uid, 'date' => $dateString)));
    
// add action in your controller
public function add() {
    if ($this->request->is('post')) {
        // Validate and save
    } else {
        $this->request->data['Event'] = $this->request->query;
    }
}

This way all your query strings are used to populate the form in case the form is requested as GET (after a normal link).

Try to avoid passed or named params for passing default values, as they should not be used in this case.

Read more about handling default values here.

Login Counter

You can use the login method of your users controller to raise the login counter after each successful login or do anything else you want to be done afterwards (setting cookie, custom redirect).

public function login($username = null) {
    if (!empty($this->data)) {
        if ($this->Auth->user()) {
            // adjust Login +1 and LastLogin in users table with your own little method
            $this->User->loginUpdate($this->Session->read('Auth.User')); # write it yourself

            // maybe set cookie

            // redirect if to be forwarded
            $nonsense = array('/login', '/home');
            $redirect = $this->Session->read('Auth.redirect');
            if (!empty($redirect) && !in_array($redirect, $nonsense)) {
                $this->redirect($redirect);
            } // default:
            $this->redirect('/home');
        }
    }
}

With the nonsense array I make sure that the user is not forwarded to pages where it would not make much sense. If no referrer is available it will simply redirect to the dashboard.

Post Views: 45

3.60 avg. rating (74% score) - 5 votes

2 Comments

Your approach to edit own profile is an awesome hack. Thanks!

Maybe for version difference reasons your code didnt work. Am on CakePHP 3.0. My solution:

> Controller:

    public function editme() {
        $uid = $this->request->session()->read('Auth.User.id');
        $user = $this->Users->get($uid, []);
        if ($this->request->is(['patch', 'post', 'put'])) {
            $user = $this->Users->patchEntity($user, $this->request->data);
            if ($this->Users->save($user)) {
                $this->Flash->success(__('Your account changes have been saved.'));
                $this->redirect('/users/view/'.$user['id']);
            } else {
                $this->Flash->error(__('Something went wrong and your changes were not saved. Try again.'));
            }
        }

        $this->set(compact('user'));
        $this->set('_serialize', ['user']);
    }

View template:

Form->create($user); ?>
    
        
        Form->input('first_name');
            echo $this->Form->input('last_name');
            echo $this->Form->input('email');
            echo $this->Form->input('password');
            echo $this->Form->hidden('active', [
              'default' => '1'
            ]);
        ?>

Thanks!

im currently working on my cakephp app i have database named time and is has to table users and accounts users have EployeeId, Password data fields and accounts has also EmployeeId , Password etc.. now what i want to happen is every time that i will add data to users table it will authenticate if that data to save is present in the accounts table if not it will flash error else it will save how can i do this in cakephp ?? here is may

add.ctp code

public function add()
{
$user = $this->Users->newEntity();
if ($this->request->is(‘post’)) {
$user = $this->Users->patchEntity($user, $this->request->data);
if ($this->Users->save($user)) {
$this->Flash->success((‘Logs has been saved.’));
return $this->redirect([‘action’ => ‘index’]);
} else {
$this->Flash->error((‘The logs could not be saved. Please, try again.’));
}
}
$this->set(compact(‘user’));
$this->set(‘_serialize’, [‘user’]);
}

M	T	W	T	F	S	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Editing own account/profile

Display only the user’s own posts

Default Values for forms via link

Login Counter

2 Comments

Leave a Reply