We are moving our forum in GitHub Discussions. For questions about Phalcon v3/v4 you can visit here and for Phalcon v5 here.

Forms - Not-setting value for a password field


I thought I'll find a solution for this on the forum, but was surprised to see no questions about it.

The problem I have is that when user inputs a wrong password in the form and the page with the form reloads, Phalcon's Form will set the value of the password field to whatever user had input. I want this field to never have a value. Is there a parameter I may have overlooked that would prevent Phalcon from giving a value to password field?

Here's the password field's code:

class PasswordRequiringForm extends Form

    public function initialize ()

        $password = new Password('password', [
            'class' => 'form-control input-md',
            'placeholder' => 'Password'
            ->setLabel('Your password:')
                new PresenceOf([
                    'message' => 'The password is required to authorize the change.',
                    'cancelOnFail' => TRUE
                new PasswordValidator([
                    'message' => 'The password you input is incorrect.'
            ->setUserOption('type', 'input');



Thank you!

edited Mar '15

As far as I know there is no parameter to preventing password field population and you shoud hande it in your action like:

if ($this->request->isPost())
    if ($form->isValid($this->request->getPost()) != false) {

    } else {
            $form->get('password')->setDefault(''); // reset password filed at not valid state
            foreach ($member->getMessages() as $message) {

edited Mar '15

Setting default to an empty string indeed is a solution. Even if I have setDefault in the form initialization instead of the controller, it will prevent the submitted value from reapearring.

Thank you!


Doesn't work for me using Phalcon 2.0.5. Any suggestions?

$form->get('password')->clear(); // Phalcon 2 solution
// or
if ($form->has('captcha')) {