mlanthaler: In PasswordField::performReadonlyTransformation() was an E_NOTICE error. Instead of fixing it, I changed also the behavior.

There are displayed now always five stars, so it is impossible to use the information of the password length for brute-force attacks. 
(merged from branches/gsoc)


git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41953 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2007-09-15 21:38:05 +00:00
parent 71f9ac0c10
commit 59fbe53120

View File

@ -1,38 +1,50 @@
<?php
/**
* Text input field.
*/
class PasswordField extends FormField {
protected $maxLength;
/**
* Returns an input field, class="text" and type="text" with an optional maxlength
* Password input field.
*/
class PasswordField extends FormField {
/**
* maxlength of the password field
*
* @var int
*/
protected $maxLength;
/**
* Returns an input field, class="text" and type="text" with an optional
* maxlength
*/
function __construct($name, $title = null, $value = "", $maxLength = null) {
$this->maxLength = $maxLength;
parent::__construct($name, $title, $value);
}
function Field() {
if($this->maxLength) {
return "<input class=\"text\" type=\"password\" id=\"" . $this->id() . "\" name=\"{$this->name}\" value=\"" . $this->attrValue() . "\" maxlength=\"$this->maxLength\" size=\"$this->maxLength\"/>";
return "<input class=\"text\" type=\"password\" id=\"" . $this->id() .
"\" name=\"{$this->name}\" value=\"" . $this->attrValue() .
"\" maxlength=\"$this->maxLength\" size=\"$this->maxLength\"/>";
} else {
return "<input class=\"text\" type=\"password\" id=\"" . $this->id() . "\" name=\"{$this->name}\" value=\"" . $this->attrValue() . "\" />";
return "<input class=\"text\" type=\"password\" id=\"" . $this->id() .
"\" name=\"{$this->name}\" value=\"" . $this->attrValue() . "\" />";
}
}
/**
* Makes a pretty readonly field with stars the length of the password instead of the
* actual one. ;)
* Makes a pretty readonly field with some stars in it
*/
function performReadonlyTransformation() {
$stars = '';
$count = strlen($this->attrValue());
do{ $stars .= "*";} while(strlen($stars) <= $count);
$stars = '*****';
$field = new ReadonlyField($this->name,$this->title ? $this->title : "",$stars);
$field = new ReadonlyField($this->name, $this->title ? $this->title : '', $stars);
$field->setForm($this->form);
return $field;
}
}
?>