Changeset 421


Ignore:
Timestamp:
Jul 8, 2013 4:31:19 PM (11 years ago)
Author:
anonymous
Message:

Added switch for login_form_allow_autocomplete

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • trunk/lib/Auth_SQL.inc.php

    r396 r421  
    116116        // Use a db_login_table to detect excessive logins. This requires blocking to be enabled.
    117117        'abuse_detection' => false,
     118
     119        // Allow users to save login form passwords in their browser? Setting to 'true' may pose a potential security risk.
     120        'login_form_allow_autocomplete' => false,
    118121    );
    119122
     
    303306            ");
    304307        }
    305         $_SESSION['_auth_sql'][$this->_ns] = array('authenticated' => false);
     308        $_SESSION['_auth_sql'][$this->_ns] = array(
     309            'authenticated'         => false,
     310            'user_id'               => null,
     311            'username'              => null,
     312            'login_datetime'        => null,
     313            'last_access_datetime'  => null,
     314            'remote_ip'             => getRemoteAddr(),
     315            'login_abuse_exempt'    => null,
     316            'match_remote_ip_exempt'=> null,
     317            'user_data'             => null,
     318        );
    306319    }
    307320

  • trunk/lib/PEdit.inc.php

    r415 r421  
    103103        // Setup PEAR XML libraries.
    104104        require_once 'XML/Serializer.php';
    105         $this->xml_serializer =& new XML_Serializer(array(
     105        $this->xml_serializer = new XML_Serializer(array(
    106106            XML_SERIALIZER_OPTION_INDENT => '',
    107107            XML_SERIALIZER_OPTION_LINEBREAKS => '',
     
    110110        ));
    111111        require_once 'XML/Unserializer.php';
    112         $this->xml_unserializer =& new XML_Unserializer(array(
     112        $this->xml_unserializer = new XML_Unserializer(array(
    113113            XML_UNSERIALIZER_OPTION_COMPLEXTYPE => 'array',
    114114        ));

  • trunk/services/templates/login_form.ihtml

    r385 r421  
    1 <form method="post" action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>" class="sc-form" autocomplete="off">
     1<?php
     2$autocomplete = $auth->getParam('login_form_allow_autocomplete') ? '' : ' autocomplete="off"';
     3?>
     4<form method="post" action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>" class="sc-form"<?php echo $autocomplete; ?>>
    25<?php $app->printHiddenSession() ?>
    36<table>
     
    1114        <td class="sc-right"><label for="password"><?php echo _("Password"); ?></label></td>
    1215        <td>
    13             <input type="password" class="sc-small" size="20" name="password" value="" autocomplete="off" />
     16            <input type="password" class="sc-small" size="20" name="password" value=""<?php echo $autocomplete; ?> />
    1417        </td>
    1518    </tr>
Note: See TracChangeset for help on using the changeset viewer.