beforeSave() vs. beforeCreate()

[Nathan Stanford II]

I have a n00b question. But here it goes. I am working on hashing
passwords in my model using beforeSave() but when I do so the
beforeSave() method gets called even when I am creating a blank user
object. Not sure what is going on here. Here is the code.

//Callback in the model
beforeSave("saltPassword");

//Method being called checks that pass is defined before salting and
hashing
private function saltPassword(){
if(isDefined("this.password")){
this.passwordSalt = CreateUUID();
this.password = getPasswordHash(this.password,this.passwordSalt);
}
}

//Hash the pass
public function getPasswordHash(password, salt){

arguments.pw = hash(arguments.password & arguments.salt, 'SHA-512');
for(i=0; i LTE 1025; i=i+1){
arguments.pw = hash(arguments.password & arguments.salt, 'SHA-512');
}
return arguments.pw;
}

//Register function -------------
public void function register() {
contentFor(title="Register");
usesLayout("/layouts/plain");
user = model('user').new();
}
public void function goRegister() {
user = model('user').new(params.user);
user.save();
if(user.hasErrors()){
renderPage(action="register");
}
else{
redirectTo(route="userHome",success="You successfully registered!");
}
}
//------------------------------

Not quite sure what is going on. I thought the beforeSave() was called
before an object was saved, not when one was created. Or maybe I am
not making any sense at all. Any thoughts?

Nathan Stanford II

[Nathan Stanford II]

I think it may have something to do with the scope of the password
that I am getting. I had read previous questions about this that had
the same problem but I thought the answer was the "this" scope.

Nathan Stanford II

[Chris Peters]

Can't tell if you need a refresher on how this works, so pardon if I'm telling you something that you already know. :)

• beforeSave() runs on both creates and updates.
• beforeCreate() runs just on creates.
• beforeUpdate() runs on just updates.

Does that change anything?

Nathan Stanford II

--
You received this message because you are subscribed to the Google Groups "ColdFusion on Wheels" group.
To post to this group, send email to cfwh...@googlegroups.com.
To unsubscribe from this group, send email to cfwheels+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/cfwheels?hl=en.

[Nathan Stanford II]

Let me work with and see. I do think I understand those, so not sure where my disconnect is right now :) Let me go back with that info. And no worries telling me stuff I might know.

[Nathan Stanford II]

So I changed it to beforeCreate() and it is calling that function, but when I pass an object that I have populated from a form, it doesn't have the password I am trying to hash in the "this" scope. Hmm...why would that be? 

[Chris Peters]

From your controller, try dumping the object before you call save/create and see if it's in there.

If it's not there, try dumping the params struct and see what's in there.

On Tue, Feb 15, 2011 at 2:21 PM, Nathan Stanford II <nathan.s...@gmail.com> wrote:

So I changed it to beforeCreate() and it is calling that function, but when I pass an object that I have populated from a form, it doesn't have the password I am trying to hash in the "this" scope. Hmm...why would that be? 

--

[Nathan Stanford II]

:( Frustrating...its in both the params and the new user object.

[Thomas DeLoreto]

Trying dumping this scope inside your saltPassword function before and after the if statement. Programatically your really don't need to salt a SHA-512, I would just use hash(this.password, "SHA-512") since SHA-512 produces a 88 character string that takes massive computing logic and power to crack.

On Tue, Feb 15, 2011 at 2:31 PM, Nathan Stanford II <boo...@gmail.com> wrote:

:( Frustrating...its in both the params and the new user object.

[Nathan Stanford II]

Ok, I did that and now I think it may have been an issue with my
callBacks being private 8-/ not sure though. Still not 100% certain
why...gotta love it when that happens...not! It is working now...so
time to back it up and tinker :)

Thanks