[TYPO3-mvc] Double-check Password
David Schreiber
flashmasterdash at gmail.com
Sun Jan 31 23:18:36 CET 2010
Hi Boris,
>Has somebody already implemented a server-side double-check for a controll-password from a second form-field? Or how can I pass this controll-password to the ObjectValidator?
>
There are two ways you could probably check the password:
1) A client side check using JavaScript, verifying the password
length, the password re-type, password safety and so on.
2) And this should be done always (not only for server security) a
server side check of the submitted values.
You won't necessarily need to submit both password fields unless you
make your client side double-check.
Since I'm rather new to TYPO3 and Extbase I'm not quite sure about the
best practice, but I would always
1) Implement a changePasswordAction() which only gets the password,
validates it and updates it.
2) This is what I would do when also other things need to be updated
(maybe in case of a member settings page). Create a updateAction() and
pass the updated object, as well as the other variables that maybe are
required to update the object. Validate everything as needed and
update it to the repository.
Hope I could help,
David Schreiber
More information about the TYPO3-project-typo3v4mvc
mailing list