[web2py:36334] Re: sign in form , email field validation problem

Tue, 01 Dec 2009 23:17:30 -0800 

You make a good point. The requires for email is set if define_tables.
You can override that. The validators only apply when registering a
new user.

The login function overrides the validators because you do not want to
give an attacker unnecessary information about why he cannot login. In
praticular

auth.settings.table_user.email.requires = [IS_NOT_EMPTY(error_message
= T("Enter value")), IS_EMAIL(error_message=T("Enter Email")),
                                           IS_NOT_IN_DB(db,
auth.settings.table_user.email, error_message=T("value already in
database"))]

would be right for registration but not for login. IS_NOT_IN_DB should
be IS_IN_DB and IS_NOT_EMPTY is redundant given IS_EMAIL.

You are right there is a problem. Since login overrides the validation
you cannot markup its error message with T. This is a bug and I will
fix it tomorrow.


On Dec 2, 1:07 am, "hamdy.a.farag" <hamdy.a.fa...@inbox.com> wrote:
> Hi
>
> I got a problem using the sign in form
>
> I got the email field and password field
>
> Now email field is not validated as expected , when letting it empty I
> got the error message
> "enter a value" which I can't translate .
>
> if I entered any characters in it I got nothing
>
> looking into Auth() in the login() function I found
>
> def login(
>        ......
>
>         table_user = self.settings.table_user
>         if 'username' in table_user.fields:
>             username = 'username'
>         else:
>             username = 'email'
>         old_requires = table_user[username].requires
>         table_user[username].requires = IS_NOT_EMPTY()
>
> Now we've only one validator on the field which is IS_NOT_EMPTY()
>
> Now I want to things to happen and I don't know how
>
> 1 - add validation IS_EMAIL() on the email field
> 2- be able to translate the error messages in both cases (if field is
> empty or not an email)
>
> note:
>
> IN MY MODEL , I've :
>
> auth.settings.table_user.email.requires = [IS_NOT_EMPTY(error_message
> = T("Enter value")), IS_EMAIL(error_message=T("Enter Email")),
>                                            IS_NOT_IN_DB(db,
> auth.settings.table_user.email, error_message=T("value already in
> database"))]
>
> but this seems to be not working

--

You received this message because you are subscribed to the Google Groups 
"web2py-users" group.
To post to this group, send email to web...@googlegroups.com.
To unsubscribe from this group, send email to 
web2py+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/web2py?hl=en.

Reply via email to