I'm curious if this is "proper" behavior and, if so, what is the proper way to deal with it. I've put in my own little error trap to prevent it, but I'm wondering if my whole approach is wrong.
I have a form that includes both password and password verification (type the second time to match) fields. I'm using the SQLFORM.widgets.password.widget so that only dots are shown, as per normal. The form submission works fine, I compare the values to be sure they match and proceed or fail with an error to correct the problem if there is a mismatch. If a successful form is submitted but it fails my password fields comparison in a function call, the process of returning an error automatically clears out those fields (the kind of safe behavior you often see in browser in these situations) while preserving the rest of the form. In cases, however, where OTHER fields on the page fail their web2py validators, the user is returned to the form with an error and the password fields appear to remain filled with their dots. Upon successful submission, though, it turns out they really are submitting as asterisks. The original values pre-validation-faiurel are essentially replaced with an equal number of asterisks in the second (and subsequent) attempts. They furthermore passed my comparison test because they are two matching fields of asterisks. I've added another check now to see if the length of the overall string and the count of any *'s contained is equal (meaning it's all *'s). If so, I throw back an error to re-do the passwords. But that's just a crappy little workaround on my part for the time being. I tried setting the fields to None at the form.errors test to see if I could clear them out post-validation failure, but that doesn't work... hence the dirty workaround above. Thoughts? - Aaron
