Issues

ZF-2860: (re)render the submitted password

Issue Type: Patch Created: 2008-03-11T09:48:07.000+0000 Last Updated: 2008-05-05T11:44:44.000+0000 Status: Resolved Fix version(s): - 1.5.2 (15/May/08)

Reporter: Alexander Lanin (alexl) Assignee: Matthew Weier O'Phinney (matthew) Tags: - Zend_Form

  • Zend_View

Related issues: Attachments:

Description

Why I want this? here is an example: registration form: username, password. validator fails: username is already in use form renders again with the username's errormessage and password input is gone. the user has to type it in again (twice for confirmation)

while this might be usefull for security reasons I prefere user friendly websites. my patch will not render the password by default, just add a setRenderPassword() method to Zend_Form_Element_Password

patch:

<pre class="highlight">Index: Form/Element/Password.php
===================================================================
--- Form/Element/Password.php   (revision 8741)
+++ Form/Element/Password.php   (working copy)
@@ -40,7 +40,31 @@
      */
     public $helper = 'formPassword';
 
+    public $options = array();
+
     /**
+     * should the entered password be rerendered when form is rerendered due to error (or success)
+     *
+     * @param bool $flag
+     * @return Zend_Form_Element_Password $this
+     */
+    public function setRenderPassword($flag) {
+        // small hack. we can access attribs in Zend_View_Helper_FormPassword
+        $this->options['renderPassword'] = (bool) $flag;
+        return $this;
+    }
+    
+    /**
+     * returns whether passord will be rerendered when form is rerendered due to error (or success)
+     *
+     * @return bool
+     */
+    public function getRenderPassword() {
+        // this way unset and false will return false
+        return !empty($this->options['renderPassword']);
+    }
+
+    /**
      * Override isValid()
      *
      * Ensure that validation error messages mask password value.
Index: View/Helper/FormPassword.php
===================================================================
--- View/Helper/FormPassword.php    (revision 8741)
+++ View/Helper/FormPassword.php    (working copy)
@@ -52,9 +52,9 @@
      *
      * @return string The element XHTML.
      */
-    public function formPassword($name, $value = null, $attribs = null)
+    public function formPassword($name, $value = null, $attribs = null, $options = null)
     {
-        $info = $this->_getInfo($name, $value, $attribs);
+        $info = $this->_getInfo($name, $value, $attribs, $options);
         extract($info); // name, value, attribs, options, listsep, disable
 
         // build the element
@@ -69,11 +69,17 @@
         if (($this->view instanceof Zend_View_Abstract) && !$this->view->doctype()->isXhtml()) {
             $endTag= '>';
         }
+        
+        // for security reasons don't render value of password by default!
+        // empty returns true when renderPassword is false or not set
+        if(empty($options['renderPassword'])) {
+            $value = '';
+        }
 
         $xhtml = '_htmlAttribs($attribs)
                 . $endTag;

both ways are working:

<pre class="highlight">new Zend_Form_Element_Password('password', array('renderPassword' => true));

$password = new Zend_Form_Element_Password('password');
$password ->setRenderPassword(true);

Comments

Posted by Wil Sinclair (wil) on 2008-03-25T20:29:10.000+0000

Please categorize/fix as needed.

Posted by Matthew Weier O'Phinney (matthew) on 2008-04-22T11:19:07.000+0000

Scheduling for next mini release.

Posted by Matthew Weier O'Phinney (matthew) on 2008-05-02T12:18:27.000+0000

Resolved in trunk and 1.5 release branch. You may now pass a 'renderPassword' attribute to formPassword() (or set it in your Zend_Form_Element_Password object), and the password will be re-rendered in the form.

Have you found an issue?

See the Overview section for more details.

Copyright

© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts