Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, biapar, Willr, Ingo, simon_w

Sapphire doesn't call any validator function on DataObjectDecorators


Reply


3 Posts   1655 Views

Avatar
Markus

Google Summer of Code Hacker, 152 Posts

7 August 2007 at 2:02am

Edited: 07/08/2007 2:10am

If the forum module is installed there are new fields when editing a member like "Occupation", "Country", or "User rating".

There is also a new field "Confirm password" which should make sure that the entered password is the expected one and the user didn't make a typo. The problem now is that the validator in ForumRole isn't executed at all so it is possible to enter two different passwords and nevertheless the system will change the password without checking it!

The bug resides in sapphire itself because it doesn't call any validator function on DataObjectDecorators.

I also created a [url=http://open.silverstripe.com/ticket/1401]ticket[/url] for this!

Avatar
elijahlofgren

Google Summer of Code Hacker, 222 Posts

7 August 2007 at 9:56am

> The problem now is that the validator in ForumRole isn't executed at all so it is possible to
> enter two different passwords and nevertheless the system will change the password
> without checking it!

I can confirm that this is a bug using http://svn.silverstripe.com/open/modules/forum/trunk r39005 and sapphire gsoc branch r39561:
Entering two different passwords or even no password at all while editing forum members via /admin/security/index/2 does not result in any errors (like it should).

This bug does not occur on the frontend, but I found and filed a usability problem: [url=http://open.silverstripe.com/ticket/1402]Ticket #1402 "Both passwords need to match. Please try again." warning is displayed inconsistently on forum register and edit pages[/url]

Avatar
Markus

Google Summer of Code Hacker, 152 Posts

28 August 2007 at 1:09am

I fixed that in the GSoC branch r40925 (also for the forum module: GSoC branch r40926).