(on Monday, 04 August 2008, 02:44 PM -0700):
> Zend_Form is removing the value completely from the input field when the form
> is rendered.
>
>
> // Try to pre-populate the password field
> <?php
>
> $form->password->setValue('test');
> echo $form;
>
> ?>
>
> // Snippet of output:
> <input type="password" name="password" id="password" value="" />
>
> // Expected output:
> <input type="password" name="password" id="password" value="test" />
>
>
> I'm not entirely convinced that showing an empty field is the best way to go in
> this case, but I can try to make it work without causing confusion. Thanks for
> all your help :)
There's actually a flag for the Password element that allows you to
render the password:
$form->password->renderPassword = true;
(or set the 'renderPassword' configuration value to a true value).
> Jeremy Brown wrote:
>
>
> <snip>
>
> If anything I'd like to fill the password field with "xxxxxx" just to give
> the appearance of a filled-out password field, but that doesn't seem
> possible with Zend_Form as it keeps hiding the value.
>
> </snip>
>
>
>
> Actually, it's the browser that keeps hiding the password, not Zend_Form.
> The field type of 'password' means something special to each browser, but
> most agree that they should display any value provided as asterisks,
> bullets or some other mechanism of obscuring the contents.
>
>
>
> In the sense that Zend_Form is outputting a password field I suppose you
> could say it is hiding it, but in reality, it is the browser.
>
>
>
>
>
> ----
>
> Jeremy Brown
> Senior Web Developer
>
> Spear One
> 972.661.6038
> www.spearone.com
>
>
>
> From: Hector Virgen [mailto:djvirgen@gmail.com]
> Sent: Monday, August 04, 2008 4:22 PM
> To: Bill Karwin
> Cc: fw-mvc@lists.zend.com
> Subject: Re: [fw-mvc] Prepopulating a password field with Zend_Form
>
>
>
> Thanks for your input, Bill. This field is not going to be used for a login
> form. It's for a password manager, and the password will have to be stored
> in plain text (or reversible encryption) so it can be forwarded to the
> correct application.
>
> It's making sense to me now that the password should never be placed back
> into the form, but I am considering the user's perspective. If the form is
> loaded with an empty password field, the user may think it didn't get
> saved.
>
> If anything I'd like to fill the password field with "xxxxxx" just to give
> the appearance of a filled-out password field, but that doesn't seem
> possible with Zend_Form as it keeps hiding the value.
>
> For now I have added a description decorator that reads "enter the password
> only if you need to change it" and on the server side I'm ignoring empty
> posted passwords. It doesn't seem user friendly but I'll try to make it
> work for our users. Thanks again for the help :)
>
> -Hector
>
> Bill Karwin wrote:
>
>
>
>
>
> Hector Virgen wrote:
>
>
>
> I have a password field in one of my forms. How can I pre-populate that
>
> field with a value? I have tried setting the value with
>
> $form->password->setValue() but when the form is rendered the password
>
> field
>
> shows up blank. I know this is the intended behavior for login forms, but
>
> the form I am working with now is not a login form. Thanks for the help!
>
>
>
>
>
>
>
>
> It doesn't matter if it's a login form. You should never pre-populate a
>
> password field.
>
>
>
> You shouldn't even store a password in plaintext; instead you should store a
>
> one-way hash of the salted password. So therefore you should never be able
>
> to retrieve the value with which you would pre-populate the password field.
>
>
>
> Regards,
>
> Bill Karwin
>
>
>
>
--
Matthew Weier O'Phinney
Software Architect | matthew@zend.com
Zend Framework | http://framework.zend.com/
没有评论:
发表评论