[Nitro] [PATCH] Controls patch + bugfix
Bryan Soto
bryan.a.soto at gmail.com
Mon Jan 9 18:01:10 EST 2006
On 1/9/06, Jonas Pfenniger <zimba.tm at gmail.com> wrote:
>
> Btw, I'm not very satified with my PasswordControl implementation
> because it puts the password in clear in the html. I could do something
> better if I knew a generic way to tell that the field didn't change.
>
>
>
Well, it's the opposite of generic, but perhaps a hidden field and some
javascript would suffice?
Untested change follows:
%{
<input type="hidden" id="#{prop.symbol}_changed"
name="#{prop.symbol}_changed"
value="false" />
<input type="password" id="#{prop.symbol}_ctl" name="#{prop.symbol}"
value="#{"*" * value.length}"#{emit_style} onchange="el =
document.getElementById('#{prop.symbol}_changed'; el.value = "true"; return
false;"/>
}
Although that could lead to someone's password being changed to a string of
asterisks.
Or as a different implementation, gmail has you type in the old password,
then the new and makes the change on the server.
Any other thoughts?
Bryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://rubyforge.org/pipermail/nitro-general/attachments/20060109/32ff473b/attachment.html
More information about the Nitro-general
mailing list