CakePHP validatation rules for many actions

I've searched around the web, on the cakePHP book/API, and StackOverflow, but cannot seem to find an answer for this. The issue I'm having is with user creation for an app I'm building. I have password validation rules for an add action in my controller that are working just fine - there are no problems whatsoever and even the Auth component is happy. I've created a change_password action that works perfectly with my data model (as in - changes actually take place), but no validation is applied to it, even though I named the form fields exactly the same as with the add action.

Can multiple actions not share the same validation? Will I have to slightly rename my form ids in the change_password action, then create new validation vars to match those? That seems rather inefficient to me, but if I have to go down that route, I will.

Thanks very much!! John

EDIT, adding code snippets now, as it seems appropriate.

First the action:

    function change_password($id = null) {
    if (!empty($this->data)) {
        if (!empty($this->data['User']['passwd'])) {
            $this->data['User']['password'] = $this->Auth->password($this->data['User']['passwd']);
        }
        if ($this->User->save($this->data)) {
            $this->Session->setFlash('Password has been changed');
            $this->redirect(array('controller' => 'bookings', 'action' => 'index'));
        } else {
            $this->Session->setFlash('Password could not be changed');
        } 
    }

Now the validation rules (note again that these work perfectly for my add action, they just fail in change_password):

    var $validate = array(
    'first_name' => array(
        'notempty' => array('rule' => array('notempty')),
    ),
    'last_name' => array(
        'notempty' => array('rule' => array('notempty')),
    ),
    'email' => array(
        'email' => array('rule' => array('email')),
    ),
    'group_id' => array(
        'numeric' => array('rule' => array('numeric')),
    ),
    'active_user' => array(
        'boolean' => array('rule' => array('boolean')),
    ),
    'passwd' => array(
        'rule' => array('minLength', '6'),
        'message' => 'Password should be at least 6 characters long',
        'required' => true,
        'allowEmpty' => false,
        'on' => 'create'
    ),
    'passwd_confirm' => array(
        'rule' => 'matchpwd',
        'message' => 'Confirm password doesnt match'
    ),
);

    function matchpwd($data){
    if ($this->data['User']['passwd'] != $data['passwd_confirm'] ) {
        return false;
    }
    return true;
}

Finally, the view (though I don't think adding this will help, I'm including it anyway):

    <div class="users form">
    <?php echo $form->create('User', array('action'=>'change_password'));?>
<fieldset>
    <legend><?php __('Change Password for "'.$User_to_change.'"');?></legend>
<?php
    echo $form->input('id');
    echo $form->input('passwd', array(
            'type' => 'password')
        );
    echo $form->input('passwd_confirm', array(
            'type' => 'password')
        );
?>
</fieldset>
    <?php echo $form->end('Submit');?>
    </div>

I referenced in an answer below that validation seems to be "halfway working". When I attempt to enter a password in the "passwd" form field but leave "passwd_confirm" blank, the controller's save action fails and I see the flash message "Password could not be changed". So obviously it's running the matchpwd function in my validation rules. However, entering blank values for both boxes succeeds, so it's as if it's failing the other validation rules.

(开发者_C百科Please excuse me if the code indentation isn't appearing properly. As you can see, I'm a bit of a StackOverflow n00b)

One large benefit of Cake's validation system is that you only have to write the rules once. As your controller is loading the model definition, by default, the rules will be applied by any action working with the model.

I think what is most likely happening is that you have the required parameter set to true. If the field is empty, it will cause validation to fail.

The password is automatically hashed so you need to hash the other password field to compare them. I usually do it in a beforeSave function in the model:

function beforeSave() {
    if(!empty($this->data['User']['password2'])) {
        $this->data['User']['password']=Security::hash($this->data['User']['password2'], null, true);
    }
    return true;
}

I use these validation rule for my pw fields:

    'password' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'Give a password.',
        ),
    ),
    'password2' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'Give a password.',
        ),
    ),
    'passwordn' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'Give a password.',
        ),
    ),
    'current_password' => array(
        'notempty' => array(
            'rule' => array('notempty'),
            'message' => 'Give a password.',
        ),
    ),

password and password2 for registering, passwordn password2 and current_password are on the pw change form.