2007-09-11 02:26:55 +02:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* Shows two password-fields, and checks for matching passwords.
|
2007-12-19 02:45:22 +01:00
|
|
|
* Optionally hides the fields by default and shows
|
|
|
|
* a link to toggle their visibility.
|
2007-09-11 02:26:55 +02:00
|
|
|
*/
|
|
|
|
class ConfirmedPasswordField extends FormField {
|
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
/**
|
|
|
|
* Minimum character length of the password.
|
|
|
|
*
|
|
|
|
* @var int
|
|
|
|
*/
|
2007-09-11 02:26:55 +02:00
|
|
|
public $minLength = 6;
|
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
/**
|
|
|
|
* Maximum character length of the password.
|
|
|
|
*
|
|
|
|
* @var int
|
|
|
|
*/
|
2007-09-11 02:26:55 +02:00
|
|
|
public $maxLength = 20;
|
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
/**
|
|
|
|
* Enforces at least one digit and one alphanumeric
|
|
|
|
* character (in addition to {$minLength} and {$maxLength}
|
|
|
|
*
|
|
|
|
* @var boolean
|
|
|
|
*/
|
2007-09-11 02:26:55 +02:00
|
|
|
public $requireStrongPassword = false;
|
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
/**
|
|
|
|
* Allow empty fields in serverside validation
|
|
|
|
*
|
|
|
|
* @var boolean
|
|
|
|
*/
|
2007-09-11 02:26:55 +02:00
|
|
|
public $canBeEmpty = false;
|
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
/**
|
|
|
|
* Hide the two password fields by default,
|
|
|
|
* and provide a link instead that toggles them.
|
|
|
|
*
|
|
|
|
* @var boolean
|
|
|
|
*/
|
|
|
|
protected $showOnClick = false;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Title for the link that triggers
|
|
|
|
* the visibility of password fields.
|
|
|
|
*
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
public $showOnClickTitle = 'Change Password';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param string $name
|
|
|
|
* @param string $title
|
|
|
|
* @param mixed $value
|
|
|
|
* @param Form $form
|
|
|
|
* @param boolean $showOnClick
|
|
|
|
*/
|
|
|
|
function __construct($name, $title = null, $value = "", $form = null, $showOnClick = false) {
|
2007-09-11 02:26:55 +02:00
|
|
|
// naming with underscores to prevent values from actually being saved somewhere
|
|
|
|
$this->children = new FieldSet(
|
2007-10-25 04:47:45 +02:00
|
|
|
new PasswordField("{$name}[_Password]", _t('Member.PASSWORD')),
|
|
|
|
new PasswordField("{$name}[_ConfirmPassword]",_t('Member.CONFIRMPASSWORD', 'Confirm Password'))
|
2007-09-11 02:26:55 +02:00
|
|
|
);
|
2007-12-19 02:45:22 +01:00
|
|
|
|
|
|
|
$this->showOnClick = $showOnClick;
|
|
|
|
if($this->showOnClick) {
|
|
|
|
$this->children->push(new HiddenField("{$name}[_PasswordFieldVisible]"));
|
|
|
|
}
|
|
|
|
|
|
|
|
// we have labels for the subfields
|
|
|
|
$title = false;
|
2007-09-11 02:26:55 +02:00
|
|
|
|
|
|
|
parent::__construct($name, $title, $value, $form);
|
|
|
|
}
|
|
|
|
|
|
|
|
function Field() {
|
2007-12-19 02:45:22 +01:00
|
|
|
Requirements::javascript('jsparty/prototype.js');
|
|
|
|
Requirements::javascript('jsparty/behaviour.js');
|
|
|
|
Requirements::javascript('sapphire/javascript/ConfirmedPasswordField.js');
|
|
|
|
|
2007-09-11 02:26:55 +02:00
|
|
|
$content = '';
|
2007-12-19 02:45:22 +01:00
|
|
|
|
|
|
|
if($this->showOnClick) {
|
|
|
|
|
|
|
|
$content .= "<div class=\"showOnClick\">\n";
|
|
|
|
$content .= "<a href=\"#\">{$this->showOnClickTitle}</a>\n";
|
|
|
|
$content .= "<div class=\"showOnClickContainer\">";
|
|
|
|
}
|
|
|
|
|
2007-09-11 02:26:55 +02:00
|
|
|
foreach($this->children as $field) {
|
2007-12-19 02:45:22 +01:00
|
|
|
$content .= $field->FieldHolder();
|
|
|
|
}
|
|
|
|
|
|
|
|
if($this->showOnClick) {
|
|
|
|
$content .= "</div>\n";
|
|
|
|
$content .= "</div>\n";
|
2007-09-11 02:26:55 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return $content;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Can be empty is a flag that turns on/off empty field checking.
|
|
|
|
* For example, set this to false (the default) when creating a user account,
|
|
|
|
* and true
|
|
|
|
*/
|
|
|
|
function setCanBeEmpty($value) {
|
|
|
|
$this->canBeEmpty = (bool)$value;
|
|
|
|
}
|
|
|
|
|
|
|
|
function setRightTitle($title) {
|
|
|
|
foreach($this->children as $field) {
|
|
|
|
$field->setRightTitle($title);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Value is sometimes an array, and sometimes a single value, so we need to handle both cases
|
|
|
|
*/
|
|
|
|
function setValue($value) {
|
|
|
|
if(is_array($value)) {
|
|
|
|
if($value['_Password'] || (!$value['_Password'] && !$this->canBeEmpty)) {
|
|
|
|
$this->value = $value['_Password'];
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if($value || (!$value && !$this->canBeEmpty)) {
|
|
|
|
$this->value = $value;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
function jsValidation() {
|
2007-09-11 02:26:55 +02:00
|
|
|
$formID = $this->form->FormName();
|
2007-12-19 02:45:22 +01:00
|
|
|
$jsTests = '';
|
|
|
|
|
|
|
|
$jsTests .= "
|
|
|
|
// if fields are hidden, reset values and don't validate
|
|
|
|
var containers = $$('.showOnClickContainer', $('#'+fieldName));
|
|
|
|
if(containers.length && !Element.visible(containers[0])) {
|
|
|
|
passEl.value = null;
|
|
|
|
confEl.value = null;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
";
|
2007-09-11 02:26:55 +02:00
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
$jsTests .= "
|
2007-09-11 02:26:55 +02:00
|
|
|
if(passEl.value != confEl.value) {
|
|
|
|
validationError(confEl, \"Passwords have to match.\", \"error\");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
";
|
|
|
|
|
|
|
|
if(!$this->canBeEmpty) {
|
|
|
|
$jsTests .= "
|
|
|
|
if(!passEl.value || !confEl.value) {
|
|
|
|
validationError(confEl, \"Passwords can't be empty.\", \"error\");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
";
|
|
|
|
}
|
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
if(($this->minLength || $this->maxLength)) {
|
2007-09-11 02:26:55 +02:00
|
|
|
if($this->minLength && $this->maxLength) {
|
|
|
|
$limit = "{$this->minLength},{$this->maxLength}";
|
|
|
|
$errorMsg = "Passwords must be {$this->minLength} to {$this->maxLength} characters long.";
|
|
|
|
} elseif($this->minLength) {
|
|
|
|
$limit = "{$this->minLength}";
|
|
|
|
$errorMsg = "Passwords must be at least {$this->minLength} characters long.";
|
|
|
|
} elseif($this->maxLength) {
|
|
|
|
$limit = "0,{$this->maxLength}";
|
|
|
|
$errorMsg = "Passwords must be at most {$this->maxLength} characters long.";
|
|
|
|
}
|
|
|
|
$limitRegex = '/^.{' . $limit . '}$/';
|
|
|
|
$jsTests .= "
|
2007-12-19 02:45:22 +01:00
|
|
|
if(passEl.value && !passEl.value.match({$limitRegex})) {
|
2007-09-11 02:26:55 +02:00
|
|
|
validationError(confEl, \"{$errorMsg}\", \"error\");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
";
|
|
|
|
}
|
|
|
|
|
|
|
|
if($this->requireStrongPassword) {
|
|
|
|
$jsTests .= "
|
|
|
|
if(!passEl.value.match(/^(([a-zA-Z]+\d+)|(\d+[a-zA-Z]+))[a-zA-Z0-9]*$/)) {
|
|
|
|
validationError(
|
|
|
|
confEl,
|
|
|
|
\"Passwords must have at least one digit and one alphanumeric character.\",
|
|
|
|
\"error\"
|
|
|
|
);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
";
|
|
|
|
}
|
|
|
|
|
|
|
|
$jsFunc =<<<JS
|
|
|
|
Behaviour.register({
|
|
|
|
"#$formID": {
|
|
|
|
validateConfirmedPassword: function(fieldName) {
|
|
|
|
var passEl = _CURRENT_FORM.elements['Password[_Password]'];
|
|
|
|
var confEl = _CURRENT_FORM.elements['Password[_ConfirmPassword]'];
|
|
|
|
$jsTests
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
});
|
|
|
|
JS;
|
|
|
|
Requirements :: customScript($jsFunc, 'func_validateConfirmedPassword');
|
|
|
|
|
|
|
|
//return "\$('$formID').validateConfirmedPassword('$this->name');";
|
|
|
|
return <<<JS
|
|
|
|
if(typeof fromAnOnBlur != 'undefined'){
|
|
|
|
if(fromAnOnBlur.name == '$this->name')
|
|
|
|
$('$formID').validateConfirmedPassword('$this->name');
|
|
|
|
}else{
|
|
|
|
$('$formID').validateConfirmedPassword('$this->name');
|
|
|
|
}
|
|
|
|
JS;
|
|
|
|
}
|
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
/**
|
|
|
|
* Determines if the field was actually
|
|
|
|
* shown on the clientside - if not,
|
|
|
|
* we don't validate or save it.
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
function isSaveable() {
|
|
|
|
$isVisible = $this->children->fieldByName($this->Name() . '[_PasswordFieldVisible]');
|
|
|
|
return (!$this->showOnClick || ($this->showOnClick && $isVisible && $isVisible->Value()));
|
|
|
|
}
|
|
|
|
|
2007-09-11 02:26:55 +02:00
|
|
|
function validate() {
|
|
|
|
$validator = $this->form->getValidator();
|
|
|
|
$name = $this->name;
|
2007-12-19 02:45:22 +01:00
|
|
|
|
|
|
|
// if field isn't visible, don't validate
|
|
|
|
if(!$this->isSaveable()) return true;
|
|
|
|
|
2007-09-11 02:26:55 +02:00
|
|
|
$passwordField = $this->children->fieldByName($name.'[_Password]');
|
|
|
|
$passwordConfirmField = $this->children->fieldByName($name.'[_ConfirmPassword]');
|
|
|
|
$passwordField->setValue($_POST[$name]['_Password']);
|
|
|
|
$passwordConfirmField->setValue($_POST[$name]['_ConfirmPassword']);
|
2007-12-19 02:45:22 +01:00
|
|
|
|
|
|
|
$value = $passwordField->Value();
|
|
|
|
|
2007-09-11 02:26:55 +02:00
|
|
|
// both password-fields should be the same
|
2007-12-19 02:45:22 +01:00
|
|
|
if($value != $passwordConfirmField->Value()) {
|
2007-10-25 04:47:45 +02:00
|
|
|
$validator->validationError($name, _t('Form.VALIDATIONPASSWORDSDONTMATCH',"Passwords don't match"), "validation", false);
|
2007-09-11 02:26:55 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if(!$this->canBeEmpty) {
|
|
|
|
// both password-fields shouldn't be empty
|
2007-12-19 02:52:11 +01:00
|
|
|
if(!$value || !$passwordConfirmField->Value()) {
|
2007-10-25 04:47:45 +02:00
|
|
|
$validator->validationError($name, _t('Form.VALIDATIONPASSWORDSNOTEMPTY', "Passwords can't be empty"), "validation", false);
|
2007-09-11 02:26:55 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// lengths
|
2007-12-19 02:45:22 +01:00
|
|
|
if(($this->minLength || $this->maxLength)) {
|
2007-09-11 02:26:55 +02:00
|
|
|
if($this->minLength && $this->maxLength) {
|
|
|
|
$limit = "{$this->minLength},{$this->maxLength}";
|
|
|
|
$errorMsg = "Passwords must be {$this->minLength} to {$this->maxLength} characters long.";
|
|
|
|
} elseif($this->minLength) {
|
|
|
|
$limit = "{$this->minLength}";
|
|
|
|
$errorMsg = "Passwords must be at least {$this->minLength} characters long.";
|
|
|
|
} elseif($this->maxLength) {
|
|
|
|
$limit = "0,{$this->maxLength}";
|
|
|
|
$errorMsg = "Passwords must be at most {$this->maxLength} characters long.";
|
|
|
|
}
|
|
|
|
$limitRegex = '/^.{' . $limit . '}$/';
|
2007-12-19 02:45:22 +01:00
|
|
|
if(!empty($value) && !preg_match($limitRegex,$value)) {
|
2007-09-11 02:26:55 +02:00
|
|
|
$validator->validationError('Password', $errorMsg,
|
|
|
|
"validation",
|
|
|
|
false
|
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if($this->requireStrongPassword) {
|
2007-12-19 02:45:22 +01:00
|
|
|
if(!preg_match('/^(([a-zA-Z]+\d+)|(\d+[a-zA-Z]+))[a-zA-Z0-9]*$/',$value)) {
|
2007-09-11 02:26:55 +02:00
|
|
|
$validator->validationError(
|
|
|
|
'Password',
|
2007-10-25 04:47:45 +02:00
|
|
|
_t('Form.VALIDATIONSTRONGPASSWORD', "Passwords must have at least one digit and one alphanumeric character."),
|
2007-09-11 02:26:55 +02:00
|
|
|
"validation",
|
|
|
|
false
|
|
|
|
);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
2007-11-12 03:58:27 +01:00
|
|
|
|
2007-12-19 02:45:22 +01:00
|
|
|
/**
|
|
|
|
* Only save if field was shown on the client,
|
|
|
|
* and is not empty.
|
|
|
|
*
|
|
|
|
* @param DataObject $record
|
|
|
|
* @return bool
|
|
|
|
*/
|
2007-11-12 03:58:27 +01:00
|
|
|
function saveInto(DataObject $record) {
|
2007-12-19 02:45:22 +01:00
|
|
|
if(!$this->isSaveable()) return false;
|
|
|
|
|
2007-11-12 03:58:27 +01:00
|
|
|
if(!($this->canBeEmpty && !$this->value)) {
|
|
|
|
parent::saveInto($record);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Makes a pretty readonly field with some stars in it
|
|
|
|
*/
|
|
|
|
function performReadonlyTransformation() {
|
|
|
|
$stars = '*****';
|
|
|
|
|
|
|
|
$field = new ReadonlyField($this->name, $this->title ? $this->title : _t('Member.PASSWORD'), $stars);
|
|
|
|
$field->setForm($this->form);
|
|
|
|
return $field;
|
|
|
|
}
|
|
|
|
}
|