Set column to read-only but only in some cases
Set column to read-only but only in some cases
One of my columns is a password column. The user should not see the passwords in plain text. So i added a simple getFormatter to hide the passwords.
Field::inst( 'password' )
->getFormatter( function ( $val, $data ) {
// convert password to ***
// example: 'secret' -> '******'
// example: 'secret123' -> '*********'
return empty($val) ? '' : str_repeat('*', strlen($val));
} )
This is working fine but when an user edit another column value (not the password value) than the password will be set to ***
My idea is: If no new password has been set ($val contains only * or is empty) then the password column should be set to read-only.
Field::inst( 'password' )
->setFormatter( function ( $val, $data ) {
if(preg_match('/[^\*]/', $val) && !empty($val)) {
return $val;
} else {
// Set password column to read-only
// Field::inst( 'password' )->set( false );
return '';
}
} )
Unfortunately this is not working. Can someone help me?
This question has an accepted answers - jump to answer
Answers
Hi @matsche ,
Have you seen the
password
? This is likely doing what you want.Cheers,
Colin
Hi @colin ,
password
is only working within the editor. The normal datatables view still shows the password in plain text.When i am only using your suggestion, all passwords will be synced (between client and server api) in plain text. If an user is using the webbrowser developer possibilities, he can read out every password. With my solution, only '***' (with an individual length) will be synced. Only when the user is changing the password (or set new password) the actual password will be synced in plain text.
How do I have to call the
field().set()
? Or is there another pretty solution?Haha . Add
->get( false )
to theField()
chain in the server-side script. Have a look at this post to see a little example of that.Also, you really really want to not store your passwords in plain text! Use a getFormatter to hash them - since you are using PHP, use the
password_hash
function.Allan
Thanks Allen, it is working
For users which have the same issue like me: