
I have a problem validating the user password in Symfony 2.4. I have a form created with HTML code inside Twig and I am not using the form builder because I am submitting the form via AJAX.

The form is a change password form and I have a password field which must match the user password.

Code:

Html.twig code of the form:

        <form id="changePassword" name="changePassword">
            <label id="labelPassword">Write your current password </label>
            <input type="password" id="CurrentPassword" name="CurrentPassword" />
            <label id="labelNewPassword">Write your new password </label>
            <input type="password" id="NewPassword" name ="NewPassword" />
            <label id="labelNewPassword2">Repeat your new password</label>
            <input type="password"  id="NewPassword2" name ="NewPassword2" />
            <input type="submit" class="btn-primary btn" value="Change"/>
        </form>

ajax code:

        var ServerData;
        $(document).ready(function() {
           $("form").submit(function(e) {
              e.preventDefault();
              var data = $(this).serialize();
              var url = $(this).attr("name");
              var id = $(this).attr("id");
              if(validate(url)){
                 $.ajax({
                    url: url+"/" ,
                    method: "post",
                    dataType: "json",
                    data: data,
                    success: function (ServerData){                    
                      successFunction(); 
                    },
                    error: function (){
                      errorFunction();
                    }
                 });
              }
              else{
                 novalidFunction();
              }

          });
       });

        function validate(url) {
            // Just length and matching new password with repeat new password validations
        }
        // successFunction(), errorFunction() and novalidFunction() and all this code are
        // working great

PHP code of the controller:

        public function changePasswordAction(Request $request){
            $user = $this->getUser();
            $password = $user->getPassword();
            $currentPassword = $request->get("CurrentPassword");
            $newPassword = $request->get("NewPassword");
            // here is where I need the code to compare $password with $currentPassword;
            // the problem is that $password is encoded

            // then I have the code to insert new values in the Users table and it's working;
        }

Thanks in advance and sorry about my English

1 Answer


I have resolved the problem: since you can't decode the user password, you have to encode the new password. Here is the code to complete my last code:

        public function changePasswordAction(Request $request){
            $user = $this->getUser();
            $upassword = $user->getPassword();
            $password = $request->get("CurrentPassword");
            $newPassword = $request->get("NewPassword");
            // The repeated password was compared below but never read from the request
            $newPasswordtwo = $request->get("NewPassword2");
            $factory = $this->get('security.encoder_factory');
            $encoder = $factory->getEncoder($user);
            $salt = $user->getSalt();
            // Encode the submitted password with the stored salt
            $passwordSecure = $encoder->encodePassword($password, $salt);
            $em = $this->getDoctrine()->getManager();
            // Strict comparison: == would compare numeric-looking strings as numbers
            if ($passwordSecure === $upassword){
                if($newPassword === $newPasswordtwo){
                    $newsalt = md5(time() * rand(1, 9999));//just a random number
                    $user->setSalt($newsalt);
                    $user->setPassword($encoder->encodePassword($newPassword, $newsalt));
                    $em->persist($user);
                    $em->flush();
                    return new \Symfony\Component\HttpFoundation\JsonResponse(array("estado" => "success", "msg" => "Password Changed"));
                }
                else{
                    return new \Symfony\Component\HttpFoundation\JsonResponse(array("estado" => "error", "msg" => "New password doesn't match in both fields"));
                }
            }
            else{
                return new \Symfony\Component\HttpFoundation\JsonResponse(array("estado" => "error", "msg" => "User password is not correct"));
            }
        }

That is working great for me. I hope that could help someone. :)
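A hardened variant of the controller above, as an added example that is not part of the original answer: it lets the encoder verify the current password through `isPasswordValid()`, repeats the repeat-field check on the server, and draws the new salt from a CSPRNG. The namespace `Acme\UserBundle`, the class name `PasswordController` and the `fail()` helper are hypothetical, and `openssl_random_pseudo_bytes()` assumes the OpenSSL extension is loaded.

```php
<?php
// Added example; namespace, class name and fail() helper are hypothetical.
namespace Acme\UserBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;

class PasswordController extends Controller
{
    public function changePasswordAction(Request $request)
    {
        $user = $this->getUser();
        if (!is_object($user)) { // getUser() returns null for anonymous requests
            return $this->fail('Not authenticated', 403);
        }

        // Read only from the POST body so passwords never arrive via the query string.
        $current = (string) $request->request->get('CurrentPassword');
        $new     = (string) $request->request->get('NewPassword');
        $repeat  = (string) $request->request->get('NewPassword2');

        $encoder = $this->get('security.encoder_factory')->getEncoder($user);

        // isPasswordValid() re-encodes $current with the stored salt and does the
        // comparison itself, replacing the hand-written == on two hash strings.
        if (!$encoder->isPasswordValid($user->getPassword(), $current, $user->getSalt())) {
            return $this->fail('User password is not correct');
        }
        // Client-side validation can be bypassed, so repeat it on the server.
        if ($new === '' || $new !== $repeat) {
            return $this->fail("New password doesn't match in both fields");
        }

        // Fresh salt from the OS CSPRNG rather than md5(time() * rand()).
        $salt = bin2hex(openssl_random_pseudo_bytes(16));
        $user->setSalt($salt);
        $user->setPassword($encoder->encodePassword($new, $salt));
        $em = $this->getDoctrine()->getManager();
        $em->persist($user);
        $em->flush();

        return new JsonResponse(array('estado' => 'success', 'msg' => 'Password Changed'));
    }
    private function fail($msg, $status = 200)
    {
        return new JsonResponse(array('estado' => 'error', 'msg' => $msg), $status);
    }
}
```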
