Zend form for registration with salt - zend-framework

I have a simple registration form and the password hashed using md5 encryption and a salt, I am getting an error saying that the "uni" field can not be null and I am assuming this is due to the fact that I am unsure how to add the $salt into the form(would it not be a hidden element? Like the id field?). I have done the model below:
public function addUser($first_name, $surname, $email, $username, $password, $salt, $age, $gender, $uni) {
$salt=substr(md5(mt_rand()),0,20);
$md5Password=md5($salt.$password);
$data = array(
'first_name' => $first_name,
'surname' => $surname,
'email' => $email,
'username' => $username,
'salt' => $salt,
'password' => $md5Password,
'age' => $age,
'gender' => $gender,
'uni' => $uni,
);
$this->insert($data);
}
and here is the form:
<?php
class Application_Form_Register extends Zend_Form
{
public function init() {
$this->setName('register');
$id = new Zend_Form_Element_Hidden('id');
$id->addFilter('Int');
$first_name = new Zend_Form_Element_Text('first_name');
$first_name->setLabel('Firstname:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$surname = new Zend_Form_Element_Text('surname');
$surname->setLabel('Surname:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$email = new Zend_Form_Element_Text('email');
$email->setLabel('Email:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$username = new Zend_Form_Element_Text('username');
$username->setLabel('Username:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$password = new Zend_Form_Element_Password('password');
$password->setLabel('Password:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$salt = new Zend_Form_Element_Hidden('salt');
$age = new Zend_Form_Element_Text('age');
$age->setLabel('Age:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$gender = new Zend_Form_Element_Text('gender');
$gender->setLabel('Gender:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$uni = new Zend_Form_Element_Text('uni');
$uni->setLabel('University:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$submit = new Zend_Form_Element_Submit('submit');
$submit->setAttrib('id', 'submitbutton');
$this->addElements(array($id, $first_name, $surname, $email, $username, $password, $salt, $age, $gender, $uni, $submit));
}
}
Thanks
Rik

first 'uni' is a form field.
$uni = new Zend_Form_Element_Text('uni');
$uni->setLabel('University:')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
this error occurs when you are passing a 'null' value to the db table column that has been declared 'not null'. To solve this, pass a 'not null' value to your 'addUser()' method, set a default value for 'uni' in your method api or allow the db table 'uni' column to accept 'null' values.
Personally I usually pass an array to these kinds on methods and then pull out the bits I want. Something like:
public function addStation(array $data) {
$data = array(
'station' => $data['station'],
'comment' => $data['comment']
);
$this->insert($data);
}
Again Personally I would not put the salt field in the form at all I would assign the salt in the model. No sense showing the world anything at all about my salt.
good luck.

Related

bootstrap mail form $from<$email> $fromEmail

I refer to this page. https://bootstrapious.com/p/how-to-build-a-working-bootstrap-contact-form and i uesd index-2.html / contact-2.php files.
i want mailheader ''
but code is
**$fromEmail = 'demo#domain.com';
$fromName = 'Demo contact form';**
$sendToEmail = 'my#mail.com';
$fields = array('name' => 'Name', 'phone' => 'Phone', 'email' => 'Email', "\r\n" , 'message' => 'Message');
so i changed
$fromEmail = "$email" $fromName = '$name'; or
$fromEmail = $_POST['form_email']; $name = $_POST['name'];
but It just makes an error.
ex) Root User" '
try
{
if(count($_POST) == 0) throw new \Exception('Form is empty');
$emailTextHtml .= "<table>";
foreach ($_POST as $key => $value) {
// If the field exists in the $fields array, include it in the email
if (isset($fields[$key])) {
$emailTextHtml .= "<tr><th>$fields[$key]</th><td>$value</td></tr>";
}
}
$emailTextHtml .= "</table>";
$mail = new PHPMailer;
$mail->setFrom($fromEmail, $fromName);
$mail->addAddress($sendToEmail, $sendToName); // you can add more addresses by simply adding another line with $mail->addAddress();
$mail->addReplyTo($from);
$mail->isHTML(true);
$mail->Subject = $subject;
$mail->msgHTML($emailTextHtml); //
what should I do?
$fromEmail = 'demo#domain.com';
$fromName = 'Demo contact form'
How should I change it?

How to Set value for password filed using Zend Form

This My Edit user form in Zend Frame work
$this->setAttrib('enctype', 'multipart/form-data');
$this->setName('user');
$id = new Zend_Form_Element_Hidden('id');
$id->addFilter('Int');
$fname = new Zend_Form_Element_Text('fname');
$fname->setLabel('Full Name')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$email = new Zend_Form_Element_Text('email');
$email->setLabel('Email Address')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$add = new Zend_Form_Element_Text('add');
$add->setLabel('Address')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$pass = new Zend_Form_Element_Password('pass');
$pass->setLabel('Password')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$city = new Zend_Form_Element_Text('city');
$city->setLabel('city')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$img = new Zend_Form_Element_File('img');
$img->setLabel('Profile picture')
->setRequired(true);
$submit = new Zend_Form_Element_Submit('submit');
$submit->setAttrib('id', 'submitbutton');
// add element in form
$this->addElements(array($id, $fname, $email, $add, $pass, $city, $img, $submit));
And I am Set the value for form elemets using following code in controller
$form = new Application_Form_User();
$form->submit->setLabel('Save');
$this->view->form = $form;
$id = $this->_getParam('id', 0);
if ($id > 0) {
$user = new Application_Model_DbTable_User();
$info = $user->getUser($id);
//$form->populate($info);
$form->setDefaults($info);
I am used $form->setDefaults($info); methode to set vlaue for form field. This method set value sucessfully for only Text input type but This method can not set value which has input type is password. so, what would i do for set vlaue for to input type is password?
This is my output screen edit.php
Zend does not allow password field to be auto-filled. Html type="password" also prevents the browsers to supports autocomplete. You will have to enter the password manually each time the page is refreshed.
However to disable autocomplete on a field use.
$foo = new Zend_Form_Element_Text('foo', array(
'autocomplete' => 'off',
));
// or...
$form->addElement('text', 'foo', array(
'autocomplete' => 'off',
));
// or...
$element->autocomplete = 'off';
I know this is an old question but I came across it whilst looking for the same answer so I thought I'd post my findings.
There is a setRenderPassword(true) property for password fields in Zend_Form.
$pass = new Zend_Form_Element_Password('pass');
$pass->setLabel('Password')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty')
->setRenderPassword(true);

How create a zend form object?

In my Users controller I have an editAction. The below declaration is from editAction.
$form = $this->_getEditForm();//here I need to pass $user->email to the form class.
I have another class _gerEditForm() in same controller.
private function _getEditForm()
{
$form = new Form_Admin_Users_Add(array(
'method' => 'post',
'action' => $this->_helper->url('edit', 'users'),
));
return $form;
}
enter code here
//form class
class Form_Admin_Users_Add extends Form_Abstract
{
public function __construct($mail=null)
{
parent::__construct();
$this->setName('user');
//$userId = new Zend_Form_Element_Text('userId');
//$userId->addFilter('Int');
//$this->addElement($userId);
$this->setAttrib('id', 'addUserForm');
$this->setAttrib('class', 'formInline');
$firstName = new Zend_Form_Element_Text('firstName');
$firstName->setRequired(true)
->addFilter('StringTrim')
->addValidator('NotEmpty', false, array('messages'=>'First name cannot be empty'))
->addValidator('StringLength', false, array(1, 256))
->setLabel('First Name:');
$this->addElement($firstName);
$lastName = new Zend_Form_Element_Text('lastName');
$lastName->setRequired(true)
->addFilter('StringTrim')
->addValidator('NotEmpty', false, array('messages'=>'Last name cannot be empty'))
->addValidator('StringLength', false, array(1, 256))
->setLabel('Last Name:');
$this->addElement($lastName);
$email = new Zend_Form_Element_Text('email');
$email->setLabel('Email :')
->addValidator('NotEmpty', false, array('messages'=>'email cannot be empty'))
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('EmailAddress')
->addValidator(new BusinessForum_Validate_UniqueEmail($mail));
Now I need to pass the email the form class. But I don't know how to do this.
Please help me in this regard.
Thanks
I'm a bit confused. The __construct function takes one argument, $mail. You're passing that to your BusinessForum_Validate_UniqueEmail class.
But in your _getEditForm function, you're passing in an array to that $mail argument that looks like it has settings for the form, not email information.
If that's just how you named stuff, and that's how it works, fine. Then you should just need to add a second parameter to your __construct function:
public function __construct($mail=null, $emailAddress="")
Pass it in from your _getEditForm function:
private function _getEditForm($emailAddress="")
{
$form = new Form_Admin_Users_Add(array(
'method' => 'post',
'action' => $this->_helper->url('edit', 'users')
), $emailAddress);
return $form;
}
And pass the email address to your _getEditForm function:
$form = $this->_getEditForm($user->email);

Registration form with salt and SHA1 encryption

I have a registration form and I am using zend_auth for my login, below is how the information is encrypted for secure login:
->setCredentialTreatment('SHA1(CONCAT(?,salt))');
I have the following register method so far:
public function addUser($first_name, $surname, $email, $username, $password, $salt, $age, $gender, $uni) {
$salt=substr(SHA1(mt_rand()),0,40);
$data = array(
'first_name' => $first_name,
'surname' => $surname,
'email' => $email,
'username' => $username,
'password' => $password,
'salt' => $salt,
'age' => $age,
'gender' => $gender,
'uni' => $uni,
);
$this->insert($data);
}
I need to add in the SHA1 encryption for the password here, but I am unsure how it will look. Any help would be awesome.
Thanks
$data = array(
'first_name' => $first_name,
'surname' => $surname,
'email' => $email,
'username' => $username,
'password' => sha1($password.$salt),
'salt' => $salt,
'age' => $age,
'gender' => $gender,
'uni' => $uni,
);

How to preopulate zend file elements

I have a Zend form like this:
$this->setName('Add Job');
$id = new Zend_Form_Element_Hidden('id');
$id->addFilter('Int');
$name = new Zend_Form_Element_Text('name');
$name->setLabel('Name')
->setRequired(true)
->addFilter('StripTags')
->addFilter('StringTrim')
->addValidator('NotEmpty');
$file = new Zend_Form_Element_File('file');
$file->setLabel('File')
->setRequired(true);
$category = new Zend_Form_Element_Checkbox('category');
$category->setLabel('Express?')
->setRequired(true)
->setCheckedValue('2')
->setUncheckedValue('1');
$submit = new Zend_Form_Element_Submit('submit');
$submit->setAttrib('id', 'submitbutton');
The "add" action is working fine but I'm not working on the "edit" action using this in my controller:
$id = $this->_getParam('id', 0);
if ($id > 0) {
$jobs = new Application_Model_DbTable_Jobs();
$form->populate($jobs->getJob($id));
}
and the form prepopulates just fine except for the file element. In the DB, I've got the filename saved and I'd like to display it in the edit form somehow - is there a standard way of handling this in Zend?
Thanks,
Phil
You cannot prepopulate a file-input-element.
That is not a restriction by Zend_Form. The html input-file-element has no "value" attribute.
i used a trick, to pass the filename to the view, so one can for example show the image next to the upload. In your form type this:
$this->getElement('image')->setAttrib('class', $this->_myParams['data']['image']);
$image->setDecorators(array(
'File',
array('ViewScript', array('viewScript' => '/ditta/_image.phtml', 'placement' => false)))
);/
then in the viewscript use
$image = $this->element->getAttrib('class');//get name of file
$this->element->setAttrib('class', '');//delete class