tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

FIX: ConfirmedPasswordField used to expose existing hash

Browse Source
This commit is contained in:
Hamish Friedlander 2013-06-20 14:08:46 +12:00 committed by Mateusz Uzdowski
parent 6bc9cfe46d
commit f2c4a629a7
2 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
forms/ConfirmedPasswordField.php
View File

@ -192,7 +192,10 @@ class ConfirmedPasswordField extends FormField {
/** /**
* Value is sometimes an array, and sometimes a single value, so we need to handle both cases * Value is sometimes an array, and sometimes a single value, so we need to handle both cases
*/ */
public function setValue($value) { public function setValue($value, $data = null) {
// If $data is a DataObject, don't use the value, since it's a hashed value
if ($data && $data instanceof DataObject) $value = '';
if(is_array($value)) { if(is_array($value)) {
if($value['_Password'] || (!$value['_Password'] && !$this->canBeEmpty)) { if($value['_Password'] || (!$value['_Password'] && !$this->canBeEmpty)) {
$this->value = $value['_Password']; $this->value = $value['_Password'];

20
tests/forms/ConfirmedPasswordFieldTest.php
View File

@ -15,6 +15,26 @@ class ConfirmedPasswordFieldTest extends SapphireTest {
$this->assertEquals('valueB', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value()); $this->assertEquals('valueB', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value());
} }
public function testHashHidden() {
$field = new ConfirmedPasswordField('Password', 'Password', 'valueA');
$field->setCanBeEmpty(true);
$this->assertEquals('valueA', $field->Value());
$this->assertEquals('valueA', $field->children->fieldByName($field->getName() . '[_Password]')->Value());
$this->assertEquals('valueA', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value());
$member = new Member();
$member->Password = "valueB";
$member->write();
$form = new Form($this, 'Form', new FieldList($field), new FieldList());
$form->loadDataFrom($member);
$this->assertEquals('', $field->Value());
$this->assertEquals('', $field->children->fieldByName($field->getName() . '[_Password]')->Value());
$this->assertEquals('', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value());
}
public function testSetShowOnClick() { public function testSetShowOnClick() {
//hide by default and display show/hide toggle button //hide by default and display show/hide toggle button
$field = new ConfirmedPasswordField('Test', 'Testing', 'valueA', null, true); $field = new ConfirmedPasswordField('Test', 'Testing', 'valueA', null, true);