[BUGFIX] Don't update passwords if left untouched

Fixes a bug where editing a backend user record without updating the password would result in the password being set to the string literal "*********". This reverts #79576 because the fix for showing the password hash in the readable field was wrong and causing this bug. Instead of forcing the database value in the hidden field to be asterisks, we now correctly set the type of the human readable field to be password. This triggers a special handling in the form engine JavaScript, not filling the human readable field with the database value and switching to type text when entering a new password. Resolves: #79714 Reverts: #79576 Releases: master Change-Id: Ia465293272131c32bbb9fd9b0d3916676e130996 Reviewed-on: https://review.typo3.org/51829 Reviewed-by: Nicole Cordes <typo3@cordes.co> Tested-by: Nicole Cordes <typo3@cordes.co> Tested-by: TYPO3com <no-reply@typo3.com> Reviewed-by: Mads Lønne Jensen <mlj@systime.dk> Tested-by: Mads Lønne Jensen <mlj@systime.dk> Reviewed-by: Anders Kostending <aha@systime.dk> Reviewed-by: Faton Haliti <fha@systime.dk> Reviewed-by: Helmut Hummel <typo3@helhum.io> Tested-by: Helmut Hummel <typo3@helhum.io>

[BUGFIX] Don't update passwords if left untouched
Fixes a bug where editing a backend user record without updating the password would result in the password being set to the string literal "*********". This reverts #79576 because the fix for showing the password hash in the readable field was wrong and causing this bug. Instead of forcing the database value in the hidden field to be asterisks, we now correctly set the type of the human readable field to be password. This triggers a special handling in the form engine JavaScript, not filling the human readable field with the database value and switching to type text when entering a new password. Resolves: #79714 Reverts: #79576 Releases: master Change-Id: Ia465293272131c32bbb9fd9b0d3916676e130996 Reviewed-on: https://review.typo3.org/51829 Reviewed-by: Nicole Cordes <typo3@cordes.co> Tested-by: Nicole Cordes <typo3@cordes.co> Tested-by: TYPO3com <no-reply@typo3.com> Reviewed-by: Mads Lønne Jensen <mlj@systime.dk> Tested-by: Mads Lønne Jensen <mlj@systime.dk> Reviewed-by: Anders Kostending <aha@systime.dk> Reviewed-by: Faton Haliti <fha@systime.dk> Reviewed-by: Helmut Hummel <typo3@helhum.io> Tested-by: Helmut Hummel <typo3@helhum.io>
e36479d7 · Mads Jensen · Helmut Hummel · 6e927aae · e36479d7
Commit e36479d7 authored 8 years ago by Mads Jensen Committed by Helmut Hummel 8 years ago
--- a/typo3/sysext/rsaauth/Classes/Form/Element/RsaInputElement.php
+++ b/typo3/sysext/rsaauth/Classes/Form/Element/RsaInputElement.php
@@ -53,13 +53,18 @@ class RsaInputElement extends AbstractFormElement
        $resultArray = $this->initializeResultArray();
        $resultArray['requireJsModules'] = ['TYPO3/CMS/Rsaauth/RsaEncryptionModule'];

-        $itemValue = $parameterArray['itemFormElValue'] ? '*********' : '';
+        $itemValue = $parameterArray['itemFormElValue'];
        $config = $parameterArray['fieldConf']['config'];
        $size = MathUtility::forceIntegerInRange($config['size'] ?: $this->defaultInputWidth, $this->minimumInputWidth, $this->maxInputWidth);
        $evalList = GeneralUtility::trimExplode(',', $config['eval'], true);
        $width = (int)$this->formMaxWidth($size);
+        $isPasswordField = in_array('password', $evalList, true);

        if ($config['readOnly']) {
+            // Early return for read only fields
+            if ($isPasswordField) {
+                $itemValue = $itemValue ? '*********' : '';
+            }
            $html = [];
            $html[] = '<div class="formengine-field-item t3js-formengine-field-item">';
            $html[] =   '<div class="form-wizards-wrap">';
@@ -126,7 +131,7 @@ class RsaInputElement extends AbstractFormElement
        if (isset($config['autocomplete'])) {
            $attributes['autocomplete'] = empty($config['autocomplete']) ? 'new-' . $fieldName : 'on';
        }
-        if (in_array('password', $evalList)) {
+        if ($isPasswordField) {
            $attributes['type'] = 'password';
            $attributes['value'] = $itemValue ? '*********' : '';
            $attributes['autocomplete'] = 'new-' . $fieldName;