dd/da5/passwordfield_8class_8php_source.html

<?php

/* Copyright (C) 2025     Open-Dsi         <support@open-dsi.fr>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program. If not, see <https://www.gnu.org/licenses/>.

 */


require_once DOL_DOCUMENT_ROOT . '/core/class/fields/commonfield.class.php';


class PasswordField extends CommonField

{

  public $emptyValues = array('');


  public function printInputSearchField($fieldInfos, $key, $value, $keyPrefix = '', $keySuffix = '', $moreCss = '', $moreAttrib = '')

  {

    $moreCss = $this->getInputCss($fieldInfos, $moreCss);

    $htmlName = $keyPrefix . $key . $keySuffix;


    return self::$form->inputType('text', $htmlName, (string) $value, $htmlName, $moreCss, $moreAttrib);

  }


  public function printInputField($fieldInfos, $key, $value, $keyPrefix = '', $keySuffix = '', $moreCss = '', $moreAttrib = '')

  {

    $moreCss = $this->getInputCss($fieldInfos, $moreCss);

    $moreAttrib = trim((string) $moreAttrib);

    if (empty($moreAttrib)) $moreAttrib = ' ' . $moreAttrib;

    $autoFocus = $fieldInfos->inputAutofocus ? ' autofocus' : '';

    $htmlName = $keyPrefix . $key . $keySuffix;


    $out = '<input style="display:none" type="text" name="fakeusernameremembered">'; // Hidden field to reduce impact of evil Google Chrome autopopulate bug.

    if ($htmlName == 'pass_crypted') {

      $out .= self::$form->inputType('password', 'pass', '', 'pass', $moreCss, ' autocomplete="new-password"' . $moreAttrib . $autoFocus);

      $out .= self::$form->inputType('hidden', 'pass_crypted', (string) $value, 'pass_crypted', $moreCss, $moreAttrib);

    } else {

      $out .= self::$form->inputType('password', $htmlName, (string) $value, $htmlName, $moreCss, ' autocomplete="new-password"' . $moreAttrib . $autoFocus);

    }


    return $out;

  }


  public function printOutputField($fieldInfos, $key, $value, $keyPrefix = '', $keySuffix = '', $moreCss = '', $moreAttrib = '')

  {

    global $langs;


    return !$this->isEmptyValue($fieldInfos, $value) ? '<span class="opacitymedium">' . $langs->trans("Encrypted") . '</span>' : '';

  }


  public function getInputCss($fieldInfos, $moreCss = '', $defaultCss = '')

  {

    return parent::getInputCss($fieldInfos, $moreCss, $defaultCss ? $defaultCss : 'maxwidth100');

  }


  public function verifyFieldValue($fieldInfos, $key, $value)

  {

    global $conf, $langs, $user;


    $result = parent::verifyFieldValue($fieldInfos, $key, $value);

    if ($result && !$this->isEmptyValue($fieldInfos, $value)) {

      // Todo do we use other method ?

      if (getDolGlobalString('USER_PASSWORD_GENERATED')) {

        // Add a check on rules for password syntax using the setup of the password generator

        $modGeneratePassClass = 'modGeneratePass' . ucfirst(getDolGlobalString('USER_PASSWORD_GENERATED'));


        include_once DOL_DOCUMENT_ROOT . '/core/modules/security/generate/' . $modGeneratePassClass . '.class.php';

        if (class_exists($modGeneratePassClass)) {

          $modGeneratePass = new $modGeneratePassClass($this->db, $conf, $langs, $user);

          '@phan-var-force ModeleGenPassword $modGeneratePass';


          // To check an input user password, we disable the cleaning on ambiguous characters (this is used only for auto-generated password)

          $modGeneratePass->WithoutAmbi = 0;


          // Call to validatePassword($password) to check pass match rules

          $testpassword = $modGeneratePass->validatePassword($value);

          if (!$testpassword) {

            self::$validator->error = $langs->trans('RequireValidValue');

            return false;

          }

        }

      }


      $result = true;

    }


    return $result;

  }


  public function verifyPostFieldValue($fieldInfos, $key, $keyPrefix = '', $keySuffix = '')

  {

    return parent::verifyPostFieldValue($fieldInfos, $key, $keyPrefix, $keySuffix);

  }


  public function getPostFieldValue($fieldInfos, $key, $defaultValue = null, $keyPrefix = '', $keySuffix = '')

  {

    $htmlName = $keyPrefix . $key . $keySuffix;


    if (GETPOSTISSET($htmlName)) {

      $value = GETPOST($htmlName, 'password');

    } else {

      $value = $defaultValue;

    }


    return $value;

  }


  public function getPostSearchFieldValue($fieldInfos, $key, $defaultValue = null, $keyPrefix = '', $keySuffix = '')

  {

    $htmlName = $keyPrefix . $key . $keySuffix;


    if (GETPOSTISSET($htmlName)) {

      $value = GETPOST($htmlName, 'alpha');

    } else {

      $value = $defaultValue;

    }


    return $value;

  }


  public function sqlFilterSearchField($fieldInfos, $key, $value)

  {

    if (!$this->isEmptyValue($fieldInfos, $value)) {

      $alias = $fieldInfos->sqlAlias ?? 't.';


      // TODO rework search on crypt password

      return natural_search($alias . ($fieldInfos->nameInTable ?? $key), $value, 0);

    }


    return '';

  }


}


CommonField
Class to common field.
Definition commonfield.class.php:32

CommonField\isEmptyValue
isEmptyValue($fieldInfos, $value, $emptyValues=null)
Check if the value is deemed as empty.
Definition commonfield.class.php:157

PasswordField
Class to password field.
Definition passwordfield.class.php:31

PasswordField\printInputField
printInputField($fieldInfos, $key, $value, $keyPrefix='', $keySuffix='', $moreCss='', $moreAttrib='')
Return HTML string to put an input field into a page.
Definition passwordfield.class.php:70

PasswordField\getInputCss
getInputCss($fieldInfos, $moreCss='', $defaultCss='')
Get input CSS.
Definition passwordfield.class.php:117

PasswordField\verifyPostFieldValue
verifyPostFieldValue($fieldInfos, $key, $keyPrefix='', $keySuffix='')
Verify if the field value from GET/POST is valid.
Definition passwordfield.class.php:175

PasswordField\verifyFieldValue
verifyFieldValue($fieldInfos, $key, $value)
Verify if the field value is valid.
Definition passwordfield.class.php:131

PasswordField\sqlFilterSearchField
sqlFilterSearchField($fieldInfos, $key, $value)
Get sql filter for search field.
Definition passwordfield.class.php:238

PasswordField\getPostSearchFieldValue
getPostSearchFieldValue($fieldInfos, $key, $defaultValue=null, $keyPrefix='', $keySuffix='')
Get search field value from GET/POST.
Definition passwordfield.class.php:216

PasswordField\getPostFieldValue
getPostFieldValue($fieldInfos, $key, $defaultValue=null, $keyPrefix='', $keySuffix='')
Get field value from GET/POST.
Definition passwordfield.class.php:191

PasswordField\printOutputField
printOutputField($fieldInfos, $key, $value, $keyPrefix='', $keySuffix='', $moreCss='', $moreAttrib='')
Return HTML string to show a field into a page.
Definition passwordfield.class.php:101

PasswordField\printInputSearchField
printInputSearchField($fieldInfos, $key, $value, $keyPrefix='', $keySuffix='', $moreCss='', $moreAttrib='')
Return HTML string to put an input search field into a page.
Definition passwordfield.class.php:50

natural_search
natural_search($fields, $value, $mode=0, $nofirstand=0, $sqltoadd='')
Generate natural SQL search string for a criteria (this criteria can be tested on one or several fiel...
Definition functions.lib.php:13246

GETPOST
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
Definition functions.lib.php:1033

getDolGlobalString
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
Definition functions.lib.php:258