CakePHP 1.3 | Alterar senha (erro validação): old_password, password and confirm_password

alterar_senha.ctp

<div class="institucional_right">
	<ul class='opcoes-perfil'>
		<li>
			<a href="">Perfil</a>
			<ul>
				<li><?php echo $this->Html->link('Alterar a Senha', array('controller' => 'users', 'action' => 'alterar_senha')) ?></li>
				<li><?php echo $this->Html->link('Atualizar os dados', array('controller' => 'users', 'action' => 'atualizar_dados')) ?></li>
			</ul>	
		</li>

	</ul>
</div>

<div class="institucional_left">

	<h1><?php e($this->data['User']['name']) ?>,</h1>
	<h2>Alterar a senha.</h2>
	<h3>Preencha as informações abaixo.</h3>

	<div class="dados-perfil">
		<?php echo $this->Form->create(null, array('controller' => 'users', 'action' => 'alterar_senha'));?>
			<fieldset>
			<?php
				echo $this->Form->input('id', array('value' => $this->data['User']['id'], 'type' => 'text'));
				echo $this->Form->input('old_password', array('label'=>'Senha Antiga', 'type' => 'password', 'value' => $this->data['User']['password']));
				echo $this->Form->input('password', array('label'=>'Nova Senha', 'type' => 'password'));
				echo $this->Form->input('confirm_password', array('label'=>'Confirmação da Nova Senha', 'type' => 'password'));
			?>
			</fieldset>
		<?php echo $this->Form->end(__('Atualizar', true));?>
	</div>
</div>

<div class="clear"></div>

user.php

<?php
class User extends AppModel {
	var $name = 'User';
	var $displayField = 'name';
	var $actsAs = array('Containable');
	//The Associations below have been created with all possible keys, those that are not needed can be removed

	var $validate = array(
		'username' => array(
			'notempty' => array(
				'rule' => array('notempty'),
				'message' => 'Campo obrigatório'
			),
			'unique' => array(
				'rule' => 'isUnique',
				'message' => 'Usuário já cadastrado em nosso banco de dados',
				//'allowEmpty' => false,
				//'required' => false,
				//'last' => false, // Stop validation after this rule
				//'on' => 'create', // Limit validation to 'create' or 'update' operations
			),
		),
		'password' => array(
			'notempty' => array(
				'rule' => array('notempty'),
				'message' => 'Campo obrigatório',
				//'allowEmpty' => false,
				//'required' => false,
				//'last' => false, // Stop validation after this rule
				//'on' => 'create', // Limit validation to 'create' or 'update' operations
			),
			'Match passwords'=>array(
				'rule' => 'matchPasswords',
				'message' => 'Senha/Confirmação da Senha não são iguais'
			)
		),
		'old_password' => array(
			'notempty' => array(
				'rule' => array('notempty'),
				'message' => 'Campo obrigatório',
				//'allowEmpty' => false,
				'required' => false,
				//'last' => false, // Stop validation after this rule
				//'on' => 'create', // Limit validation to 'create' or 'update' operations
			)
		),	
		'confirm_password' => array(
			'notempty' => array(
				'rule' => array('notempty'),
				'message' => 'Campo obrigatório',
				//'allowEmpty' => false,
				'required' => false,
				//'last' => false, // Stop validation after this rule
				//'on' => 'create', // Limit validation to 'create' or 'update' operations
			)
		),				
		'email_address' => array(
			'email' => array(
				'rule' => array('email'),
				'message' => 'Email inválido',
				//'allowEmpty' => false,
				//'required' => false,
				//'last' => false, // Stop validation after this rule
				//'on' => 'create', // Limit validation to 'create' or 'update' operations
			),
			'unique' => array(
				'rule' => 'isUnique',
				'message' => 'Email já cadastrado em nosso banco de dados',
				//'allowEmpty' => false,
				//'required' => false,
				//'last' => false, // Stop validation after this rule
				//'on' => 'create', // Limit validation to 'create' or 'update' operations
			),
			'notempty' => array(
				'rule' => array('notempty'),
				'message' => 'Campo obrigatório',
				//'allowEmpty' => false,
				//'required' => false,
				//'last' => false, // Stop validation after this rule
				'on' => 'update', // Limit validation to 'create' or 'update' operations
			)
		),
		'name' => array(
			'notempty' => array(
				'rule' => array('notempty'),
				'message' => 'Campo obrigatório',
				//'allowEmpty' => false,
				//'required' => false,
				//'last' => false, // Stop validation after this rule
				//'on' => 'create', // Limit validation to 'create' or 'update' operations
			),
		)
	);

	var $belongsTo = array(
		'UserCreate' => array(
			'className' => 'User',
			'foreignKey' => 'who_create',
			'conditions' => '',
			'fields' => '',
			'order' => ''
		),
		'Gerente' => array(
			'className' => 'User',
			'foreignKey' => 'user_id',
			'conditions' => '',
			'fields' => '',
			'order' => ''
		)
	);
	
	var $hasMany = array(
		'PollsPollAnswer' => array(
			'className' => 'PollsPollAnswer',
			'foreignKey' => 'user_id',
			'dependent' => false,
			'conditions' => '',
			'fields' => '',
			'order' => '',
			'limit' => '',
			'offset' => '',
			'exclusive' => '',
			'finderQuery' => '',
			'counterQuery' => ''
		)
		,'Log' => array(
			'className' => 'Log',
			'foreignKey' => 'user_id',
			'dependent' => false,
			'conditions' => '',
			'fields' => '',
			'order' => '',
			'limit' => '',
			'offset' => '',
			'exclusive' => '',
			'finderQuery' => '',
			'counterQuery' => ''
		)
	);	

	var $hasAndBelongsToMany = array(
		'Group' => array(
			'className' => 'Group',
			'joinTable' => 'groups_users',
			'foreignKey' => 'user_id',
			'associationForeignKey' => 'group_id',
			'unique' => true,
			'conditions' => '',
			'fields' => '',
			'order' => '',
			'limit' => '',
			'offset' => '',
			'finderQuery' => '',
			'deleteQuery' => '',
			'insertQuery' => ''
		)
	);

	public function beforeSave($options = array()) {
		if(isset($this->data['User']['password'])) {
			$this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
		}
		return parent::beforeSave($options);
	}	


	public function matchPasswords($data) {

		//if($this->checkPassword($data)) {
			if($data['password'] == $this->data['User']['confirm_password']) {
				return true;
			}
			$this->invalidate('confirm_password', 'matchPasswords');
			return false;
		//}
	}


	public function checkPassword($data) {
		$usuario = $this->find('first', array(
			'conditions' => array(
				'User.id' => $this->data['User']['id'],
				'User.password' => AuthComponent::password($this->data['User']['old_password'])
			)
		));

		if($usuario) {
			return true;
		}

		$this->invalidate('old_password', 'matchPasswords');
		return false;		
	}

}
?>

UsersController.php

	function alterar_senha() {
		$this->User->recursive = 0;

		if (!empty($this->data)) {

			$this->User->id = $this->Session->read('Auth.User.id');

			if ($this->User->save($this->data)) {
				$this->Session->setFlash('Senha alterada com sucesso!');
				// $this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash('Ocorreu um problema, e não foi possível alterar a sua senha. Tente novamente mais tarde.');
			}
		}

		$groups = $this->User->Group->find('list', array('order' => array('Group.name'=>'ASC')));

		$gerentes = $this->User->findUserGroupsArray(4);

		$this->set(compact('groups', 'gerentes'));

		$this->data = $this->User->read(null, $this->Session->read('Auth.User.id'));
	}