Hello mate,
We are able to register a user with empty password when using Auth API
for registration.
So basically if you have a controller like this :
# controller (with "auth" already define in model)
def register():
return dict(registerform = auth.register(next="blabla"))
# A view
{{=registerform}}
You will see a form which include two fields for the password. If you
enter different value for the password then you normally receive an
error message "Mismatched password" which is OK. BUT if you enter
empty values in the both fields the registration is SUCCESSFUL and I
don't think we want that...
So basically inside Tools.py file in class "Auth" the validation
process inside the method "Register" we have to add IS_NOT_EMPTY()
Here is how it is right now:
#####################################################
def register():
....
td.append(INPUT(_name="password2", _type="password", requires=
[IS_EXPR('value==%s' % repr(request.vars.get
(password,None)),error_message=self.messages.mismatched_password)]))
######################################################
Here is how it should be to fix this little problem:
######################################################
def register():
.....
td.append(INPUT(_name="password2",
_type="password",
requires=[IS_EXPR('value==%s' % repr
(request.vars.get
(password,None)),error_message=self.messages.mismatched_password),
IS_NOT_EMPTY()]))
######################################################
I'm currently using Web2py Version 1.59
Thanks for your attention !
Cheers,
Yannick P.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
