CakeDC users plugin: redirect error after changePassword

Question

My app is developed in CakePHP 3.x.

I use CakedDC Users plugin, and it works fine, except when the user wants to change his password, and click on Submit.

Let's say we have a Profile ID = 52606b3f-c72d-4485-9c76-3b0f8

The Edit page has a url like this:

localhost/my_app/profile/52606b3f-c72d-4485-9c76-3b0f8

The changePassword page has a url like this:

localhost/my_app/users/users/change-password/52606b3f-c72d-4485-9c76-3b0f8

When I click on Submit, it redirects to the profile page, but the ID is lost:

localhost/my_app/profile

and I get this error message:

Record not found in table "users" with primary key [NULL]

I think the reason is that the ID is not passed. And I don't find where and how to fix it.

Any help please ?.

Answer 1

I don't remember my initial code, but, after months, I found the solution.

in src/Controller/Traits/ProfileTrait.php, set $redirect = Configure::read('Users.Profile.route');

public function changePassword()
{
    $user = $this->getUsersTable()->newEntity();
    $id = $this->Auth->user('id');
    if (!empty($id)) {
        $user->id = $this->Auth->user('id');
        $validatePassword = true;
        //@todo add to the documentation: list of routes used
        $redirect = Configure::read('Users.Profile.route');
    } else {
        $user->id = $this->request->session()->read(Configure::read('Users.Key.Session.resetPasswordUserId'));
        $validatePassword = false;
        if (!$user->id) {
            $this->Flash->error(__d('CakeDC/Users', 'User was not found'));
            $this->redirect($this->Auth->config('loginAction'));

            return;
        }
        //@todo add to the documentation: list of routes used
        $redirect = $this->Auth->config('loginAction');
    }
    $this->set('validatePassword', $validatePassword);
    if ($this->request->is('post')) {
        try {
            $validator = $this->getUsersTable()->validationPasswordConfirm(new Validator());
            if (!empty($id)) {
                $validator = $this->getUsersTable()->validationCurrentPassword($validator);
            }
            $user = $this->getUsersTable()->patchEntity($user, $this->request->data(), ['validate' => $validator]);
            if ($user->errors()) {
                $this->Flash->error(__d('CakeDC/Users', 'Password could not be changed'));
            } else {
                $user = $this->getUsersTable()->changePassword($user);
                if ($user) {
                    $this->Flash->success(__d('CakeDC/Users', 'Password has been changed successfully'));

                    return $this->redirect($redirect);
                } else {
                    $this->Flash->error(__d('CakeDC/Users', 'Password could not be changed'));
                }
            }
        } catch (UserNotFoundException $exception) {
            $this->Flash->error(__d('CakeDC/Users', 'User was not found'));
        } catch (WrongPasswordException $wpe) {
            $this->Flash->error(__d('CakeDC/Users', '{0}', $wpe->getMessage()));
        } catch (Exception $exception) {
            $this->Flash->error(__d('CakeDC/Users', 'Password could not be changed'));
        }
    }
    $this->set(compact('user'));
    $this->set('_serialize', ['user']);
}

Answer 2

When id is not passed, the id is taken from the logged in user. You can take a look at src/Controller/Traits/ProfileTrait.php. Could you debug $this->Auth->user('id')?

Also, you could customize the redirect url after changing the password. Configure::write('Users.Profile.route', [{url}]), see src/Controller/Traits/PasswordManagementTrait.php Ln44.