We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

Forms - Not-setting value for a password field

Hello!

I thought I'll find a solution for this on the forum, but was surprised to see no questions about it.

The problem I have is that when user inputs a wrong password in the form and the page with the form reloads, Phalcon's Form will set the value of the password field to whatever user had input. I want this field to never have a value. Is there a parameter I may have overlooked that would prevent Phalcon from giving a value to password field?

Here's the password field's code:

class PasswordRequiringForm extends Form
{

    public function initialize ()
    {

        $password = new Password('password', [
            'class' => 'form-control input-md',
            'placeholder' => 'Password'
        ]);
        $password
            ->setLabel('Your password:')
            ->addValidators([
                new PresenceOf([
                    'message' => 'The password is required to authorize the change.',
                    'cancelOnFail' => TRUE
                ]),
                new PasswordValidator([
                    'message' => 'The password you input is incorrect.'
                ]),
            ])
            ->setUserOption('type', 'input');

        $this->add($password);

    }
}

Thank you!



10.5k
Accepted
answer
edited Mar '15

As far as I know there is no parameter to preventing password field population and you shoud hande it in your action like:

if ($this->request->isPost())
{
    if ($form->isValid($this->request->getPost()) != false) {

    } else {
            $form->get('password')->setDefault(''); // reset password filed at not valid state
            foreach ($member->getMessages() as $message) {
                $this->flashSession->error($message);
            }
    }
}


4.9k
edited Mar '15

Setting default to an empty string indeed is a solution. Even if I have setDefault in the form initialization instead of the controller, it will prevent the submitted value from reapearring.

Thank you!



7.0k

Doesn't work for me using Phalcon 2.0.5. Any suggestions?

$form->get('password')->clear(); // Phalcon 2 solution
// or
if ($form->has('captcha')) {
    $form->get('captcha')->clear();
}