mlanthaler: In PasswordField::performReadonlyTransformation() was an E_NOTICE error. Instead of fixing it, I changed also the behavior.

There are displayed now always five stars, so it is impossible to use the information of the password length for brute-force attacks. 
(merged from branches/gsoc)


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41953 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2007-09-15 21:38:05 +00:00
parent 71f9ac0c10
commit 59fbe53120

View File

@ -1,38 +1,50 @@
<?php <?php
/** /**
* Text input field. * Password input field.
*/ */
class PasswordField extends FormField { class PasswordField extends FormField {
protected $maxLength;
/** /**
* Returns an input field, class="text" and type="text" with an optional maxlength * maxlength of the password field
*
* @var int
*/ */
function __construct($name, $title = null, $value = "", $maxLength = null ){ protected $maxLength;
/**
* Returns an input field, class="text" and type="text" with an optional
* maxlength
*/
function __construct($name, $title = null, $value = "", $maxLength = null) {
$this->maxLength = $maxLength; $this->maxLength = $maxLength;
parent::__construct($name, $title, $value); parent::__construct($name, $title, $value);
} }
function Field() { function Field() {
if($this->maxLength){ if($this->maxLength) {
return "<input class=\"text\" type=\"password\" id=\"" . $this->id() . "\" name=\"{$this->name}\" value=\"" . $this->attrValue() . "\" maxlength=\"$this->maxLength\" size=\"$this->maxLength\"/>"; return "<input class=\"text\" type=\"password\" id=\"" . $this->id() .
}else{ "\" name=\"{$this->name}\" value=\"" . $this->attrValue() .
return "<input class=\"text\" type=\"password\" id=\"" . $this->id() . "\" name=\"{$this->name}\" value=\"" . $this->attrValue() . "\" />"; "\" maxlength=\"$this->maxLength\" size=\"$this->maxLength\"/>";
} else {
return "<input class=\"text\" type=\"password\" id=\"" . $this->id() .
"\" name=\"{$this->name}\" value=\"" . $this->attrValue() . "\" />";
} }
} }
/** /**
* Makes a pretty readonly field with stars the length of the password instead of the * Makes a pretty readonly field with some stars in it
* actual one. ;)
*/ */
function performReadonlyTransformation() { function performReadonlyTransformation() {
$stars = ''; $stars = '*****';
$count = strlen($this->attrValue());
do{ $stars .= "*";} while(strlen($stars) <= $count);
$field = new ReadonlyField($this->name,$this->title ? $this->title : "",$stars); $field = new ReadonlyField($this->name, $this->title ? $this->title : '', $stars);
$field->setForm($this->form); $field->setForm($this->form);
return $field; return $field;
} }
} }
?> ?>