Make sure password_confirmation is being removed
#404
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We have a "password is optional because we have an invite system where users are invited and set up their account and password via invite link in email" type system and are running into the following issue: Referencing these lines: https://github.com/Zizaco/confide/blob/4.0.0-rc.2/src/views/generators/repository.blade.php#L34,L37 Since Ardent is being removed, `password_confirmation` is *not* being "auto removed" and I am getting an error trying to save a user: > Unknown column 'password_confirmation' Eloquent does *not* auto remove that field. If we follow it upstream, we see an attempt to remove the password manually here: https://github.com/Zizaco/confide/blob/4.0.0-rc.2/src%2FConfide%2FUserValidator.php#L93 But in this case, `$user->getOriginal('password') != $user->password` appears to be always false, so we never get in there. This proposal will make it so `password_confirmation` will always be removed as long as that function is being called (and there isn't an error) (but I would argue this still isn't a great solution... what if someone overrides their own `validatePassword` function? They just need to know they need to remove that one thing?)
Zizaco
added a commit
that referenced
this pull request
Sep 10, 2014
Make sure `password_confirmation` is being removed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We have a "password is optional because we have an invite system where users are invited and set up their account and password via invite link in email" type system and are running into the following issue:
Referencing these lines: https://github.com/Zizaco/confide/blob/4.0.0-rc.2/src/views/generators/repository.blade.php#L34,L37
Since Ardent is being removed,
password_confirmationis not being "auto removed" and I am getting an error trying to save a user:Eloquent does not auto remove that field.
If we follow it upstream, we see an attempt to remove the password manually here: https://github.com/Zizaco/confide/blob/4.0.0-rc.2/src%2FConfide%2FUserValidator.php#L93
But in this case,
$user->getOriginal('password') != $user->passwordappears to be always false, so we never get in there.This proposal will make it so
password_confirmationwill always be removed as long as that function is being called (and there isn't an error) (but I would argue this still isn't a great solution... what if someone overrides their ownvalidatePasswordfunction? They just need to know they need to remove that one thing?)