SF.net SVN: postfixadmin:[1297] trunk/model
Brought to you by:
christian_boltz,
gingerdog
From: <chr...@us...> - 2011-12-19 22:50:18
|
Revision: 1297 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1297&view=rev Author: christian_boltz Date: 2011-12-19 22:50:12 +0000 (Mon, 19 Dec 2011) Log Message: ----------- PFAHandler.php: - store unchecked input values given to set() in $this->RAWvalues before running the validation functions. This is needed to make comparing password and password2 possible. (uppercase RAW intentional to make usage harder - hopefully hard enough to give everybody who wants to use it some time to think over secure programming when working with unchecked input ;-) AdminHandler.php: - compare password and password2 This commit means AdminHandler is complete :-) (Note: db_log can't handle the admin-related log actions yet.) Modified Paths: -------------- trunk/model/AdminHandler.php trunk/model/PFAHandler.php Modified: trunk/model/AdminHandler.php =================================================================== --- trunk/model/AdminHandler.php 2011-12-18 21:30:21 UTC (rev 1296) +++ trunk/model/AdminHandler.php 2011-12-19 22:50:12 UTC (rev 1297) @@ -206,6 +206,20 @@ } } + /** + * compare password / password2 field + * error message will be displayed at the password2 field + */ + protected function _field_password2($field, $val) { + if ($this->RAWvalues['password'] == $this->RAWvalues['password2']) { + unset ($this->errormsg['password2']); # no need to warn about too short etc. passwords - it's enough to display this message at the 'password' field + return true; + } + + $this->errormsg['password2'] = Lang::read('pAdminEdit_admin_password_text_error'); + return false; + } + } /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */ Modified: trunk/model/PFAHandler.php =================================================================== --- trunk/model/PFAHandler.php 2011-12-18 21:30:21 UTC (rev 1296) +++ trunk/model/PFAHandler.php 2011-12-19 22:50:12 UTC (rev 1297) @@ -7,6 +7,7 @@ protected $struct = array(); protected $new = 0; # 1 on create, otherwise 0 protected $values = array(); + protected $RAWvalues = array(); # unchecked (!) input given to set() - use it carefully! protected $values_valid = false; protected $admin_username = ""; # if set, restrict $allowed_domains to this admin protected $domain_field = ""; # column containing the domain @@ -88,6 +89,9 @@ $values[$this->id_field] = $this->id; } + $this->RAWvalues = $values; # allows comparison of two fields before the second field is checked + # Warning: $this->RAWvalues contains unchecked input data - use it carefully! + # base validation $this->values = array(); $this->values_valid = false; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |