Here's a seemingly simple question.
I have a "update your password" form. It asks for:
* The current password
* The new password
* Confirm the new password (repeat it for comparison)
What I do is simple:
Zend_Form validates the password rules and that the confirmation password
matches.
I call Zend_Auth to see if the current password is valid.
I update the password if all things are valid.
The problem I've encountered is that Zend_Auth will kill the session with
the "->isValid()" method if the password entered is wrong.
In other words, if you want to change your password, and you miss-typed the
current password, you will be logged out of the account because Zend_Auth
failed.
Is there a way to simply ask Zend_Auth to validate the credentials without
effecting the session?
I've not cracked open the Zend_Auth code, but I've tried to search for any
one asking this same question and I'm either not asking the right keywords
to search or it's just not that frequently asked.
One obvious thing I can do is simply not use Zend_Auth, just do simple SQL
password comparison using Zend_Db, which is fine, but I feel like it just
makes more sense using Zend_Auth.
Thanks in advance for any discussion on this topic!
Cheers!
Fozzy
--
View this message in context: http://zend-framework-community.634137.n4.nabble.com/Validating-Password-while-logged-in-and-not-loosing-session-tp3028677p3028677.html
Sent from the Zend Auth mailing list archive at Nabble.com.
没有评论:
发表评论