php - How to get encrypted password value in laravel? -


i trying change password of user need check old password of user match value getting html "oldpass" text box. if existing password value , "oldpass" value matches new password updated in database.the password value getting database encrypted.

$userpass = user::where('id', '=', session::get('userid'))->get(array('password')); problem $userpass returns null value .

here code:

    $oldpass = hash::make(input::get('oldpass'));//getting password html form     $userpass = user::where('id', '=', session::get('userid'))->get(array('password'));//getting password value database users table     if ($oldpass === $userpass) {           user::where('id', '=', session::get('userid'))             ->update(array(                 'password' => hash::make(input::get('newpass'))     ));      } else {         return view::make('changepass.changepass')                         ->with('errormessage', 'password not match');     }

there 2 main problems here.

  1. on 1 hand, $userpass returning null because get() not appropiate function fecth column. can use pluck (see query builder docs)

    anyway can call attribute once fetch user like:

    $userpass = user::find(session::get('userid'))->password;

  2. you trying compare hashed password plain password. laravel uses guard default manage user authentication , guard uses hash::make store it. should compare hashes with:

    hash::check($oldpass, $userpass)

you check guard user credentials correct auth::validate($credentials) (see laravel security) , change password like:

if(auth::validate('id' => session::get('userid'), 'password' => input::get('oldpass'))){   //assuming user authenticated before. if not use auth::attempt instead of validate   auth::user()->password = hash::make(input::get('newpass'));  } else {     return view::make('changepass.changepass')                     ->with('errormessage', 'password not match'); }

Comments

Post a Comment

Popular posts from this blog

apache - Remove .php and add trailing slash in url using htaccess not loading css -

i have add following code htaccess file removing .php extension , add trailing slash urls. worked fine reduced page loading speed , css code not loading @ all. pages ugly. please help rewriteengine on rewritebase / ## hide .php extension snippet # externally redirect /dir/foo.php /dir/foo rewritecond %{the_request} ^[a-z]{3,}\s([^.]+)\.php [nc] rewriterule ^ %1/ [r,l] # add trailing slash rewritecond %{request_filename} !-f rewritecond %{request_uri} !/$ rewriterule . %{request_uri}/ [l,r=301] # internally forward /dir/foo /dir/foo.php rewritecond %{request_filename} !-d rewritecond %{request_filename}.php -f rewriterule ^(.*?)/?$ $1.php [l] we can rewrite urls using .htaccess files. before writing in .htaccess files need verify kind of server using. can check server adding a <?php phpinfo(); ?> in php page. ensure mod_rewrite module enabled in apache server. can identified checking phpinfo included page. common methods used url rewriting follows ...
Read more

inno setup - TLabel or TNewStaticText - change .Font.Style on Focus like Cursor changes with .Cursor -

is possible change .font.style on focus tlabel or tnewstatictext happens cursor when use .cursor ? there no built-in support track mouse hovering in inno setup @ time. however, intercepting window procedure of controls can track yourself. following example need innocallback library: [setup] appname=my program appversion=1.5 defaultdirname={pf}\my program outputdir=userdocs:inno setup examples output [files] source: "innocallback.dll"; destdir: "{tmp}"; flags: dontcopy [code] #ifdef unicode #define aw "w" #else #define aw "a" #endif const gwl_wndproc = -4; wm_mousemove = $0200; type wparam = uint_ptr; lparam = longint; lresult = longint; twindowproc = function(hwnd: hwnd; umsg: uint; wparam: wparam; lparam: lparam): lresult; function setcapture(hwnd: hwnd): hwnd; external 'setcapture@user32.dll stdcall'; function releasecapture: bool; external 'releasecapture@user32.dll stdcall'; func...
Read more