Docs For Class DBLPasswordField

Description

DBLPasswordField is used to edit passwords stored in the database.

You can use it two ways:

As a single field/widget. Used does not see what he types and if he mades a mistake, it comes undetected.
Have two fields/widgets, which must contain identical values for the password to be accepted. The first of these fields is called "primary" and the second "secondary". The secondary field's name should be the same as the primary field's name with the _sec string added. (i.e. name them 'pass' and 'pass_sec'.

You may or may not include the field name in the field list passed to DBLField::applyValues - secondary field won't return any value.

The field (any type) will also return no value when modifying existing record and an no (empty) password was entered. This way you can change record containing password without reentering (or even knowing) the password. (Good for administrators editing user records.)

DBLPasswordField will automatically check the password length (default minimum length is 6) and whether the passwords matches (when using primary/secondary field).

The other field's feature is automatic hashing. Currently two types of hashing are implemented:

DBL_HT_NONE - No hashing, password is stored in plain text
DBL_HT_MD5 - Password is hashed by MD5. To make this worthy, a random salt (4-characters by default) is prepended before the password and the result is hashed. The salt is then prepended before the hashed password (to know what it was :-) This prevents encoded-dictionary attacks.

DBLPasswordField provides method for checking whether encrypted passwords matches a plaintext one - see DBLPasswordField::passwordMatches().

Located in /DBLPasswordField.php (line 59)

DBLField
   |
   --DBLTextField
      |
      --DBLPasswordField

Variable Summary

int $hashType

int $minLen

int $saltLen

string $secName

int $type

Method Summary

DBLPasswordField DBLPasswordField (string $name, string $titleTxt, mixed $titleHTML, int $size, int $maxLen, int $type, string $titleHtml)

void acceptValue (mixed $value, mixed &$err, mixed &$r, mixed $new)

void checkValue (mixed $value, mixed &$err, mixed &$r, mixed $new)

void formatEdit (mixed $value, mixed &$r, mixed $dataSource, mixed $formName)

void formatWidget (mixed $value, mixed $useMaxLen, mixed $attr, mixed $size)

void jsCheck (mixed $frmName, mixed $new)

bool passwordMatches (string $dbPassword, string $userPassword)

Variables

int $hashType (line 74)

var: Hash type, one of the DBL_HT_* constants. See class description.

int $minLen (line 84)

var: Minimum password length. (May be set only on primary field to take effect.)

int $saltLen (line 79)

var: Length of the salt to use for password encryption. May be set to for no salt. Default is 4.

string $secName (line 70)

var: Name of the secondary field (only valid if this is a primary field). By default $this->name."_sec".

int $type (line 65)

var: Type of the field (one of DBL_PF_* constants). See class description.

Inherited Variables

Inherited from DBLTextField

DBLTextField::$editSize
DBLTextField::$filterSize
DBLTextField::$maxLen

Inherited from DBLField

DBLField::$addAsterixes
DBLField::$allowEmpty
DBLField::$computed
DBLField::$dbName
DBLField::$default
DBLField::$detailAttributes
DBLField::$detailPostfix
DBLField::$detailPrefix
DBLField::$editAttributes
DBLField::$editPostfix
DBLField::$editPrefix
DBLField::$filterAttributes
DBLField::$filterPostfix
DBLField::$filterPrefix
DBLField::$indexAttributes
DBLField::$indexPostfix
DBLField::$indexPrefix
DBLField::$lookupField
DBLField::$name
DBLField::$needsMultipart
DBLField::$noOrderByTitle
DBLField::$readOnly
DBLField::$referenceURL
DBLField::$titleHTML
DBLField::$titleTxt
DBLField::$widgetAttributes

Methods

Constructor DBLPasswordField (line 97)

Constructor

DBLPasswordField DBLPasswordField (string $name, string $titleTxt, mixed $titleHTML, int $size, int $maxLen, int $type, string $titleHtml)

string $name: Name of the field - see DBLField
string $titleTxt: Textual title - see DBLField
string $titleHtml: HTML title - see DBLField
int $size: Size of the widget - see DBLTextField
int $maxLen: Maximum length of the widget - see DBLTextField
int $type: Field type, one of the DBL_PF_* constaints. See class description.

acceptValue (line 204)

void acceptValue (mixed $value, mixed &$err, mixed &$r, mixed $new)

Redefinition of:

DBLField::acceptValue(): Accept value from post.

checkValue (line 176)

void checkValue (mixed $value, mixed &$err, mixed &$r, mixed $new)

Redefinition of:

DBLField::checkValue(): Check value (from post)

formatEdit (line 146)

void formatEdit (mixed $value, mixed &$r, mixed $dataSource, mixed $formName)

Redefinition of:

DBLTextField::formatEdit()

formatWidget (line 137)

void formatWidget (mixed $value, mixed $useMaxLen, mixed $attr, mixed $size)

Redefinition of:

DBLTextField::formatWidget(): Internal function - format widget.

jsCheck (line 155)

void jsCheck (mixed $frmName, mixed $new)

Redefinition of:

DBLField::jsCheck(): Create javascript to check the field value before post.

passwordMatches (line 118)

Function to check whether cleartext password matches encrypted password.

Field settings (hashType and saltLen) must be same as when the password was encrypted.

return: True if password matches, false if it does not.

bool passwordMatches (string $dbPassword, string $userPassword)

string $dbPassword: Password from DB (encrypted).
string $userPassword: Password from user (cleartext).

Inherited Methods

Inherited From DBLTextField

DBLTextField::DBLTextField()
DBLTextField::formatEdit()
DBLTextField::formatFilter()
DBLTextField::formatWidget()

Inherited From DBLField

DBLField::DBLField()
DBLField::acceptFilterValue()
DBLField::acceptValue()
DBLField::addCondition()
DBLField::checkValue()
DBLField::formatDetail()
DBLField::formatEdit()
DBLField::formatFilter()
DBLField::formatIndex()
DBLField::jsCheck()
DBLField::setTitle()
DBLField::splitValue()