From: Gergő Tisza Date: Fri, 1 Apr 2016 11:54:15 +0000 (+0300) Subject: Add flag to HTMLTextField to not persist submitted data X-Git-Tag: 1.31.0-rc.0~7457^2 X-Git-Url: https://git.cyclocoop.org/%242?a=commitdiff_plain;h=da1e91e84269a034ac2d3d48f0016718e2150ab7;p=lhc%2Fweb%2Fwiklou.git Add flag to HTMLTextField to not persist submitted data Sometimes the submitted text is not expected to show up as default when the form is redisplayed after an error; password fields are the obvious example for this, but in some cases (e.g. two-factor token) it is useful for a normal text field to act like that as well. The patch adds a new 'persistent' flag to HTMLTextField, which defaults to false for passwords and true otherwise. Change-Id: If0a52f61aa061bbb55bfdc76321ace7d3eaed934 --- diff --git a/includes/htmlform/HTMLTextField.php b/includes/htmlform/HTMLTextField.php index 4d5bcabbc8..671dfdeee2 100644 --- a/includes/htmlform/HTMLTextField.php +++ b/includes/htmlform/HTMLTextField.php @@ -14,7 +14,19 @@ class HTMLTextField extends HTMLFormField { return null; } + public function isPersistent() { + if ( isset( $this->mParams['persistent'] ) ) { + return $this->mParams['persistent']; + } + // don't put passwords into the HTML body, they could get cached or otherwise leaked + return !( isset( $this->mParams['type'] ) && $this->mParams['type'] === 'password' ); + } + function getInputHTML( $value ) { + if ( !$this->isPersistent() ) { + $value = ''; + } + $attribs = [ 'id' => $this->mID, 'name' => $this->mName, @@ -85,6 +97,10 @@ class HTMLTextField extends HTMLFormField { } function getInputOOUI( $value ) { + if ( !$this->isPersistent() ) { + $value = ''; + } + $attribs = $this->getTooltipAndAccessKey(); if ( $this->mClass !== '' ) {