ZF-2697: Password element repopulates posted value in html

Issue Type: Bug Created: 2008-02-20T21:09:13.000+0000 Last Updated: 2008-03-21T16:25:36.000+0000 Status: Resolved Fix version(s): - 1.5.0 (17/Mar/08)

Reporter: Jason Eisenmenger (jasoneisen) Assignee: Matthew Weier O'Phinney (matthew) Tags: - Zend_Form

Related issues: Attachments:


This is somewhat an extension of bug:

<pre class="highlight">
; general form metainformation
user.login.action = "/user/login"
user.login.method = "post"

; username element
user.login.elements.username.type = "text"
user.login.elements.username.options.validators.alnum.validator = "alnum"
user.login.elements.username.options.validators.regex.validator = "regex"
user.login.elements.username.options.validators.regex.options.pattern = "/^[a-z]/i"
user.login.elements.username.options.validators.strlen.validator = "StringLength"
user.login.elements.username.options.validators.strlen.options.min = "6"
user.login.elements.username.options.validators.strlen.options.max = "20"
user.login.elements.username.options.required = true
user.login.elements.username.options.filters.lower.filter = "StringToLower"

; password element
user.login.elements.password.type = "password"
user.login.elements.password.options.validators.strlen.validator = "StringLength"
user.login.elements.password.options.validators.strlen.options.min = "6"
user.login.elements.password.options.required = true

; submit element
user.login.elements.submit.type = "submit"

<pre class="highlight">
$config = new Zend_Config_Ini('/path/to/config.ini', 'development')
$form = new Zend_Form($config);

if (!$form->isValid($this->getRequest()->getPost())) {
$this->view->login_form = $form;

If the password "asdf" is entered, the error message will be:

'"****" is less than 6 characters long'

which is good, but the field itself is populated. And when you look at the HTML it shows something like:

<pre class="highlight">

It doesn't seem to me like good practice to repopulate the password field, although I'm sure there's some situations that warrant it. If the password has failed, I find it very unlikely a user will be changing it from within the html. I would suggest not repopulating it by default, but creating an element configuration option that allows it to persist.


Posted by Matthew Weier O'Phinney (matthew) on 2008-02-20T21:45:09.000+0000

Fixed in trunk; password value is now always hard-coded to empty.

Posted by Matthew Weier O'Phinney (matthew) on 2008-02-20T21:45:51.000+0000

Clarification: the value in the view helper is always hard-coded to empty; the form can always retain the value.

Have you found an issue?

See the Overview section for more details.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.