mirror/postfixadmin
0
0
Fork 0
mirror of https://github.com/postfixadmin/postfixadmin.git synced 2024-09-19 19:22:14 +02:00
Code

PFAHandler.php:

Browse Source 
- store unchecked input values given to set() in $this->RAWvalues before
  running the validation functions. This is needed to make comparing 
  password and password2 possible.
  (uppercase RAW intentional to make usage harder - hopefully hard enough
  to give everybody who wants to use it some time to think over secure
  programming when working with unchecked input ;-)

AdminHandler.php:
- compare password and password2

This commit means AdminHandler is complete :-)

(Note: db_log can't handle the admin-related log actions yet.)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1297 a1433add-5e2c-0410-b055-b7f2511e0802
This commit is contained in:
Christian Boltz 2011-12-19 22:50:12 +00:00
parent c65c2caa7a
commit 23c08bc02e
2 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
model/AdminHandler.php
View File

@ -206,6 +206,20 @@ class AdminHandler extends PFAHandler {
}
}
/**
* compare password / password2 field
* error message will be displayed at the password2 field
*/
protected function _field_password2($field, $val) {
if ($this->RAWvalues['password'] == $this->RAWvalues['password2']) {
unset ($this->errormsg['password2']); # no need to warn about too short etc. passwords - it's enough to display this message at the 'password' field
return true;
}
$this->errormsg['password2'] = Lang::read('pAdminEdit_admin_password_text_error');
return false;
}
}
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

4
model/PFAHandler.php
View File

@ -7,6 +7,7 @@ class PFAHandler {
protected $struct = array();
protected $new = 0; # 1 on create, otherwise 0
protected $values = array();
protected $RAWvalues = array(); # unchecked (!) input given to set() - use it carefully!
protected $values_valid = false;
protected $admin_username = ""; # if set, restrict $allowed_domains to this admin
protected $domain_field = ""; # column containing the domain
@ -88,6 +89,9 @@ class PFAHandler {
$values[$this->id_field] = $this->id;
}
$this->RAWvalues = $values; # allows comparison of two fields before the second field is checked
# Warning: $this->RAWvalues contains unchecked input data - use it carefully!
# base validation
$this->values = array();
$this->values_valid = false;