Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

FIX: ConfirmedPasswordField used to expose existing hash

  • Loading branch information...
commit f2c4a629a731123b097790d361ebbac84989e46a 1 parent 6bc9cfe
@hafriedlander hafriedlander authored mateusz committed
View
5 forms/ConfirmedPasswordField.php
@@ -192,7 +192,10 @@ public function setChildrenTitles($titles) {
/**
* Value is sometimes an array, and sometimes a single value, so we need to handle both cases
*/
- public function setValue($value) {
+ public function setValue($value, $data = null) {
+ // If $data is a DataObject, don't use the value, since it's a hashed value
+ if ($data && $data instanceof DataObject) $value = '';
+
if(is_array($value)) {
if($value['_Password'] || (!$value['_Password'] && !$this->canBeEmpty)) {
$this->value = $value['_Password'];
View
20 tests/forms/ConfirmedPasswordFieldTest.php
@@ -15,6 +15,26 @@ public function testSetValue() {
$this->assertEquals('valueB', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value());
}
+ public function testHashHidden() {
+ $field = new ConfirmedPasswordField('Password', 'Password', 'valueA');
+ $field->setCanBeEmpty(true);
+
+ $this->assertEquals('valueA', $field->Value());
+ $this->assertEquals('valueA', $field->children->fieldByName($field->getName() . '[_Password]')->Value());
+ $this->assertEquals('valueA', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value());
+
+ $member = new Member();
+ $member->Password = "valueB";
+ $member->write();
+
+ $form = new Form($this, 'Form', new FieldList($field), new FieldList());
+ $form->loadDataFrom($member);
+
+ $this->assertEquals('', $field->Value());
+ $this->assertEquals('', $field->children->fieldByName($field->getName() . '[_Password]')->Value());
+ $this->assertEquals('', $field->children->fieldByName($field->getName() . '[_ConfirmPassword]')->Value());
+ }
+
public function testSetShowOnClick() {
//hide by default and display show/hide toggle button
$field = new ConfirmedPasswordField('Test', 'Testing', 'valueA', null, true);
Please sign in to comment.
Something went wrong with that request. Please try again.