SF.net SVN: postfixadmin:[1297] trunk/model

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Revision: 1297
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1297&view=rev
Author:   christian_boltz
Date:     2011-12-19 22:50:12 +0000 (Mon, 19 Dec 2011)
Log Message:
-----------
PFAHandler.php:
- store unchecked input values given to set() in $this->RAWvalues before
  running the validation functions. This is needed to make comparing 
  password and password2 possible.
  (uppercase RAW intentional to make usage harder - hopefully hard enough
  to give everybody who wants to use it some time to think over secure
  programming when working with unchecked input ;-)

AdminHandler.php:
- compare password and password2

This commit means AdminHandler is complete :-)

(Note: db_log can't handle the admin-related log actions yet.)

Modified Paths:
--------------
    trunk/model/AdminHandler.php
    trunk/model/PFAHandler.php

Modified: trunk/model/AdminHandler.php
===================================================================

--- trunk/model/AdminHandler.php	2011-12-18 21:30:21 UTC (rev 1296)
+++ trunk/model/AdminHandler.php	2011-12-19 22:50:12 UTC (rev 1297)
@@ -206,6 +206,20 @@
         }
     }
 
+    /**
+     * compare password / password2 field
+     * error message will be displayed at the password2 field
+     */
+    protected function _field_password2($field, $val) {
+        if ($this->RAWvalues['password'] == $this->RAWvalues['password2']) {
+            unset ($this->errormsg['password2']); # no need to warn about too short etc. passwords - it's enough to display this message at the 'password' field
+            return true;
+        }
+
+        $this->errormsg['password2'] = Lang::read('pAdminEdit_admin_password_text_error');
+        return false;
+    }
+
 }
 
 /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

Modified: trunk/model/PFAHandler.php
===================================================================
--- trunk/model/PFAHandler.php	2011-12-18 21:30:21 UTC (rev 1296)
+++ trunk/model/PFAHandler.php	2011-12-19 22:50:12 UTC (rev 1297)
@@ -7,6 +7,7 @@
     protected $struct = array();
     protected $new = 0; # 1 on create, otherwise 0
     protected $values = array();
+    protected $RAWvalues = array(); # unchecked (!) input given to set() - use it carefully!
     protected $values_valid = false;
     protected $admin_username = "";     # if set, restrict $allowed_domains to this admin
     protected $domain_field = "";       # column containing the domain
@@ -88,6 +89,9 @@
             $values[$this->id_field] = $this->id;
         }
 
+        $this->RAWvalues = $values; # allows comparison of two fields before the second field is checked
+        # Warning: $this->RAWvalues contains unchecked input data - use it carefully!
+
         # base validation
         $this->values = array();
         $this->values_valid = false;

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



