Symfony Form Framework - Best way to implement change password functionality?

Question

Hi,

I'm trying to get my head around the form framework in Symfony 1.4. I've read the incredibly detailed section in the 'More with symfony' book, but I'm still a but unsure how to implement a simple 'Change password' functionality.

The requirements are pretty basic,

1. There'll be two fields, new_password, and confirm_new_password. Both will be input fields.
2. The new_password field will be validated to be a string between 6 and 30 characters containing both letters and numbers.
3. The confirm_new_password field will be validated to match the new_password field exactly.

Now, presently I implemented this by,

• Adding 2 new fields to my form.
• Adding a string validator to the new_password field to check the string length.
• Adding a string validator to the confirm_new_password field to make sure it was filled in.
• And then validating the new password is valid and matches the confirm password in a custom post validator. I did this because I didn't want to validate the confirm_new_password field until the new_password field was valid.

Now to the point of my question. After reading the article mentioned above, I'm starting to think I should contain the two fields in either a single widget or in a sub form as they rely upon each other heavily, and one is useless without the other.

I was wondering what peoples thoughts were on this, and if someone had implemented one, how they did it?

Thanks

Note: There is no current_password field as this is for my admin area.

Answer 1

I created some kind of password validator for symfony 1.2 (I have not tested it for 1.4). You can have a look at it here.

The basic features are:

• Validates the password against a regular expression or multiple regular expressions.
• Compares whether the values in both fields are the same.
• If a password is already set, the password fields don't have to be filled in order to validate (convenient if the password change fields are integrated in a profile form where the fields can be empty if one does not want to change the password).

To use it, you have to set up two input fields and add the validator as post validator for these two fields.

It is not exactly what you want but maybe it gives you a start.

Answer 2

You can use the sfDoctrineGuardPlugin.

This plugin provides convenient forms, model and controllers for your website user management.

You can extends this plugin, customize to fit your needs, this is a very commonly used plugin (the most used).

Answer 3

I have not heard of anything already built to handle this for you.

Custom widget and validator

You could create a custom widget to encapsulate the two form fields as long as you're alright with achieving this with only one label associated with your fields. If you wanted to create a custom validator for this it would have to be a post validator (see sfValidatorSchemaCompare for an example) as field validators only receive one value to validate. With that approach you would end up gaining:

• defining one less widget in your form
• moving the post validator functionality into a separate class

and a loss of:

• a label for your confirm password field

Embedded form

An embedded form seems wrong to me for this as the password/confirm fields aren't a subsection of the parent element.

Inheritance

Another approach that may work for you is to create an sfPasswordEditForm class that your forms can extend that defines your two password fields and post validator. You can then use the moveField method off of your widgetSchema to place the fields in the order you want them in your custom form:

$this->widgetSchema->moveField('password', 'after', 'username');
$this->widgetSchema->moveField('password_again', 'after', 'password');

Answer 4

A few people suggested looking at the sfGuardPlugin. After doing so I noticed it implements the change password feature pretty much exactly how I'm currently implementing it.

Thanks for the answers!