gebeer

Get cleartext password in hook

3 posts in this topic

Hello,

I am trying to get the cleartext password in a hook on saveReady in an autoload module. But I get the already hashed value of the password:

Session: pass: L1/CERxHKqXJCJkogk89O48b4bMnsqW

What I have

        protected $templates = ["user", "server"];

	public function init() {

		$this->pages->addHookAfter('saveReady', $this, 'hookSaveReady');

	}

	public function hookSaveReady(HookEvent $event) {

		$page = $event->arguments[0];
		
		if($page->isNew) return;

		if(!in_array($page->template, $this->templates)) return;

		if($page instanceof User)  $this->collectUserData($page);

	}

	public function collectUserData($page) {

		foreach ($page->fields as $field) {
			/*if( $page->isChanged($field) ) */$this->message($field->name . ": " . $page->$field);
		}

	}

I guess I am hooking too late in the process but have no idea where to place the hook instead.

EDIT: same with addHookBefore

Share this post


Link to post
Share on other sites

The password is never stored as plaintext, the latest hook you can get it Password::setPass, which does the hashing as soon as a password is set as field value.

1 person likes this

Share this post


Link to post
Share on other sites

That helped, thank you!

EDIT: For security reasons I don't post my solution here.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By abdus
      I'm trying to add a new option to InputfieldTextarea. Depending on that option, I want to change how the input is rendered. I also want to change this option depending on different templates and repeaters, meaning it can have different values for different fieldgroups.
      I hooked into three methods:
      $this->addHookBefore('InputfieldTextarea::render', $this, 'hookInputRender'); $this->addHookAfter('InputfieldTextarea::getConfigInputfields', $this, 'hookInputSettings'); $this->addHookAfter('InputfieldTextarea::getConfigAllowContext', $this, 'hookInputContext'); In hookInputSettings, I build the additional option
      protected function hookInputSettings(HookEvent $e) { /** @var InputfieldTextarea $field */ $wrapper = $e->return; $field = $e->object; /** @var InputfieldSelect $font */ $font = $this->modules->get('InputfieldSelect'); $font->label = $this->_('Font'); $font->name = 'fontFamily'; $font->addOptions(self::fontOptions); $font->attr('value', $field->fontFamily); $wrapper->add($font); $e->return = $wrapper; } It shows up in field settings with no problem

      When I pick an option and save, it even shows up in the database. However, I cannot get the properties of that field in that fieldgroup context. Most other inputfields can get their inputfield settings because are inside a class that extends Inputfield, so $this->myOption works.
      If I hook into FieldtypeTextarea::getConfigInputfields, it works too, because getConfigInputfields method is called with $this as its argument, inside hooks it's possible to access fieldgroup specific settings. But for Inputfield, it's not given any arguments, so hooking Inputfield::getConfigInputfields, you won't be able to get any information about the context.
      // /wire/core/Field.php public function ___getConfigInputfields() { // ... if(!$fieldgroupContext || count($allowContext)) { // ... try { $fieldtypeInputfields = $this->type->getConfigInputfields($this); // ... } // ... } $inputfields = $this->wire(new InputfieldWrapper()); // ... if($inputfield) { if($fieldgroupContext) { $allowContext = array('visibility', 'collapsed', 'columnWidth', 'required', 'requiredIf', 'showIf'); $allowContext = array_merge($allowContext, $inputfield->getConfigAllowContext($this)); } // ... $inputfieldInputfields = $inputfield->getConfigInputfields(); // ... } // ... } So, as a solution I gave it $this as a parameter
      // $inputfieldInputfields = $inputfield->getConfigInputfields(); $inputfieldInputfields = $inputfield->getConfigInputfields($this); Now everything works without any hacks. It works in field settings, templates, repeaters just fine.
      protected function hookInputSettings(HookEvent $e) { // ... $field = $e->arguments(0); // ... $font->attr('value', $field->fontFamily); // WORKS! // ... } I wanted to write this post because it drove me mad last night. I guess the next step is to make a pull request.
    • By Slav
      Hey guys... Ok so I have a problem with a registration form password inputfield... The problem is that InputfieldPassword.js and InputfieldPassword.css are not loaded/fired. Or I dont even know exactly what is happening... Im pretty new to processwire and the website was not created by me so Im trying to figure out what has been done and how processwire works. Anyway this is how the form looks right now:

      ...and as you can see the styling is off (password validation check in particular)... this is what I see when page is loaded (without adding any input)... it looks like js and css files from wire/modules/Inputfield/InputfieldPassword are not firing... I dont know how it is supposed to work exactly so I dont even know where to start.
      Maybe someone has had similar problem and know an easy fix or can navigate me to what could cause this situation in PW.
      Oh by the way this problem occured when upgrading the PW version (current version 3.0.65)... everything else is ok... this is the only problem that has been found after upgrade...
      Appreciate all the help!
      Cheers!
    • By szabesz
      Hi PW fanatics
      In this post I share two of my addHookMethods for those interested. As you surely already know (if not, time to take a look at it) the Wire::addHookMethod() and the Wire::addHookProperty() API methods can be used to "breath some extra OOP" into your projects.
      Using addHookMethods and addHookProperty are alternatives to "Using custom page types in ProcessWire".
      The methods I want to share: basically the idea here is to get the URL pointing to images uploaded in the admin without writing much code in the template files. With methods like these below, it does not matter what Formatted value is set to the images, because some predefined defaults are used in all circumstances.
      #1 Example
      template file code:
      <?php $img_src = $latest_article->siteFeaturedImage(); ?> <img src="<?= $img_src ?>" alt="<?= $page->title ?>"> addHookMethod goes into /site/init.php
      <?php /* Returns URL of the original Pageimage of Article. * Image field's value can be either null (default missing image), Pageimage or Pageimages. * * @return string */ $wire->addHookMethod('Page::siteFeaturedImage', function($event) { $page = $event->object; if ($page->template != "article") { throw new WireException("Page::siteFeaturedImage() only works on 'Pages of article template', Page ID=$page is not such!"); } $article_featured = $page->getUnformatted('article_featured'); //always a Pageimages array if (count($article_featured)) { $img_url = $article_featured->first()->url; } else { $img_url = urls()->templates . "assets/img/missing-article_image.jpg"; //we show this when image is not available } $event->return = $img_url; }); ?> #2 Example
      template file code:
      <?php $img600_src = $page->siteProductImageMaxSize(600, 600, ['rotate' => 180]); ?> <img src="<?= $img600_src ?>" alt="<?= $page->title ?>"> addHookMethod goes into /site/init.php
      <?php /* Generates image variations for Product images. Returns URL of Pageimage. * Image field's value can be either null (default missing image), Pageimage or Pageimages. * * @param int arguments[0] Max allowed width * @param int arguments[1] Max allowed height * @param array arguments[2] See `Pageimage::size()` method for options * @return string */ $wire->addHookMethod('Page::siteProductImageMaxSize', function($event) { $page = $event->object; if ($page->template != "product") { throw new WireException("Page::siteProductImageMaxSize() only works on 'Pages of product template', Page ID=$page is not such!"); } $width = isset($event->arguments[0]) ? $event->arguments[0] : 48; //default width $height = isset($event->arguments[1]) ? $event->arguments[1] : 48; //default height $options = isset($event->arguments[2]) ? $event->arguments[2] : $options = array(); //default empty options $product_image = $page->getUnformatted('product_image'); //always a Pageimages array if (count($product_image)) { $img_url = $product_image->first()->maxSize($width, $height, $options)->url; } else { $img_url = urls()->templates . "assets/img/product-missing-image.jpg"; //we show this when image is not available } $event->return = $img_url; }); ?> BTW, you can find more examples here:
      How can I add a new method via a hook? Working with custom utility hooks Adding array_chunk support to WireArray addHookProperty() versus addHookMethod() Have a nice weekend!
    • By Qualtext
      Hi community,
      i want to add a selector to every pages->find() method. I found this hook solution, and Ryan mentioned this somewhere in this forum.
      https://processwire.com/api/ref/pages/find/
      $this->addHookBefore('Pages::find', function(HookEvent $event) { // Get the object the event occurred on, if needed $pages = $event->object; // Get values of arguments sent to hook (and optionally modify them) $selector = $event->arguments(0); $options = $event->arguments(1); /* Your code here, perhaps modifying arguments */ // Populate back arguments (if you have modified them) $event->arguments(0, $selector); $event->arguments(1, $options); });  If i try to add something to the given $selector, the error occurs: Exception: Unknown Selector operator: '' -- was your selector value properly escaped?
      But the syntax is right, isn´t it?
      $this->addHookBefore('Pages::find', function(HookEvent $event) { // Get the object the event occurred on, if needed $pages = $event->object; // Get values of arguments sent to hook (and optionally modify them) $selector = $event->arguments(0); $options = $event->arguments(1); /* Your code here, perhaps modifying arguments */ $selector.= ", loremipsum_field!=1"; /* <----------------------- */ // Populate back arguments (if you have modified them) $event->arguments(0, $selector); $event->arguments(1, $options); }); What i am doing wrong?
      Thank you for your advice!
       
    • By jen
      Yesterday we somehow lost access to all current admin, superuser/passwords to processwire.  We tried using the reset password form and nothing was sent.  We began noticing some of the menu buttons went missing as well as some photos.  Any suggestions how to resolve the login issue?