Open banks opened 14 years ago
loonies
commented
14 years ago I bumped into problem related to this issue.
I would like to check for strong password with regex before hashing it. Currently hashing is done before regex, so rule fails.
'password' => new Sprig_Field_Password(array(
'empty' => FALSE,
'rules' => array(
// Strong password
'regex' => array('/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?!.*\s).*$/'),
),Update: min_length also fails
ollym
commented
14 years ago Yes, i've just bumped into the same problem. My work around was to make hash_with NULL, and add a callback to the password which hashed it. This made my rules work for me.
wszostak
commented
13 years ago In Kohana 3.1 setting callback doesn't work. Validation object makes copy of all values before check and revert them after that.
I think that banks idea may be a good solution. If somebody wants to hash password immediately, then uses 'on_set', if after validation - 'on_save'
wszostak
commented
13 years ago I've made small changes in commit ece8c1d0a8d3050dcac707d584f0bb6c0410e646, so it is possible to hash password just before create / update.
As I suggested on the forums
I think a generalisation of the $hash_with property in Sprig Password would make Sprig much more flexible without modifying lots of code.
My suggestion:
In Sprig_Field implement:
These methods can then be over-ridden by sub-classes to implement things like password hashing or other modification of values.
$field->on_set($value) would be called directly before the value is set in Sprig::set() and $field->before_save($value) should be called directly before the save to database but AFTER Validation in Sprig::create() and Sprig::update(). There is currently no way to mimic this (save) functionality without duplicating the entire save() and update() code in an extension of Sprig.
The on_set functionality could now be mimicked by setting an appropriate call back (say to a static method) using $hash_with property but if the use isn't for hashing, this is a confusing name.
There is an argument for using callbacks as properties instead of class methods as it allows the call back to be passed in the array to Sprig_Field::construct(). If that behaviour is more desriable perhap instead of the above Sprig_Field could get two properties called $on_set_callback and $before_save_callback or similar. These could be NULL by default and if callable, hould be called like the methods above. This way I can specify callback to any existing SprigField* class without having to override the whole class. If I want to keep the callbacks in the Class, I can create them as static methods and pass the appropriate callback array() to construct().
As you may be able to tell, I've swayed more towards the second implementation - change the name of $hash_with to something more generic and add another to allow modification directly before saving to Database.
Thoughts are welcome from all.