Confirm password at registration
From ClassDBI
Revision as of 07:08, 21 December 2008 by EdwardSabol (Talk | contribs)
If you have a User class, with a password field, and in a registration process you want them to have to confirm their password, you can easily add this logic using a faked column and a constraint:
__PACKAGE__->columns(TEMP => qw/password2/)
__PACKAGE__->add_constraint(
confirm_pass => password => sub {
my ($val, $self, $column_name, $changing) = @_;
return ($val || "") eq ($changing->{password2} || "");
}
);
Now any time someone is trying to set the password, the constraint will ensure that they've also passed a "password2" field that is the same; but because this is marked as TEMP it will never be written to the database.
(If you're plugging this in via Class::DBI::!FromCGI, don't forget to also set the untaint type of password2).
Also explicitly add the password2 column to the "all" list option in the create_from_cgi() or update_from_cgi() call becasue temp columns don't get auto filled for backwards compatibility reasons.
$class->create_from_cgi( $h =>
{ all => [$class->columns, password2] }
);
