It's making sense to me now that the password should never be placed back into the form, but I am considering the user's perspective. If the form is loaded with an empty password field, the user may think it didn't get saved.
If anything I'd like to fill the password field with "xxxxxx" just to give the appearance of a filled-out password field, but that doesn't seem possible with Zend_Form as it keeps hiding the value.
For now I have added a description decorator that reads "enter the password only if you need to change it" and on the server side I'm ignoring empty posted passwords. It doesn't seem user friendly but I'll try to make it work for our users. Thanks again for the help :)
-Hector
Bill Karwin wrote:
Hector Virgen wrote:I have a password field in one of my forms. How can I pre-populate that field with a value? I have tried setting the value with $form->password->setValue() but when the form is rendered the password field shows up blank. I know this is the intended behavior for login forms, but the form I am working with now is not a login form. Thanks for the help!It doesn't matter if it's a login form. You should never pre-populate a password field. You shouldn't even store a password in plaintext; instead you should store a one-way hash of the salted password. So therefore you should never be able to retrieve the value with which you would pre-populate the password field. Regards, Bill Karwin
没有评论:
发表评论