finished write-up for broken auth

2013-11-14 10:47:27 -05:00
parent 5fff355181
commit b84c8d4cc7
3 changed files with 21 additions and 7 deletions
@@ -70,11 +70,19 @@
 				<li>1 special character</li>
 			  </p>	
 			  <pre class="ruby">
-				  validates :password, :presence => true,
-				                       :confirmation => true,
-				                       :length => {:within => 6..40},
-				                       :on => :create,
-				                       <span style="background-color: yellow">:format => {:with => /\A.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\@\#\$\%\^\&\+\=]).*\z/}</span>
+			  # VALIDATE PASSWORD BOTH AT CREATION AND WHEN UPDATING	 
+			  validates :password, :presence => true,
+			                        :confirmation => true,
+			                        :length => {:within => 6..40},
+			                        :on => :create,
+			                        :if => :password,
+			                        :format => {:with => /\A.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\@\#\$\%\^\&\+\=]).*\z/}
+			  validates :password, :presence => true,
+			                         :confirmation => true,
+			                         :on => :update,
+			                         :if => :password,
+			                         :format => {:with => /\A.*(?=.{10,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\@\#\$\%\^\&\+\=]).*\z/}
+										
 			  </pre>	
            </div>
          </div>