function edit()
{
if (!empty($this->data)) {
// is the user updating their password?
if (isset($this->data['User']['password']) && isset($this->data['User']['password_confirm'])) {
$this->User->set($this->data);
$this->User->id = $this->Session->read('Auth.User.id');
// check that the passwords are valid
if ($this->User->validates(array('fieldList' => array('password', 'password_confirm')))) {
// hash the passwords
$password = Security::hash($this->data['User']['password'], null, true);
$password_confirm = Security::hash($this->data['User']['password_confirm'], null, true);
if ($this->User->saveField('password', $password)) {
$this->Session->setFlash('Your password has been updated successfully.');
} else {
$this->Session->setFlash('There was a problem saving your password', 'error');
}
} else {
$this->User->invalidFields();
}
// clear out the fields
$this->data['User']['password'] = '';
$this->data['User']['password_confirm'] = '';
}
}
}