is_confirm_input_enabled() ) { return parent::get_field_container_tag( $form ); } return 'fieldset'; } public function validate( $value, $form ) { $password = rgpost( 'input_' . $this->id ); $confirm = rgpost( 'input_' . $this->id . '_2' ); if ( $this->is_confirm_input_enabled() && $password != $confirm ) { $this->failed_validation = true; $this->validation_message = esc_html__( 'Your passwords do not match.', 'gravityforms' ); } elseif ( $this->passwordStrengthEnabled && ! empty( $this->minPasswordStrength ) && ! empty( $password ) ) { $strength = rgpost('input_' . $this->id . '_strength' ); if ( empty( $strength ) ) { $strength = $this->get_password_strength( $password ); } $levels = array( 'short' => 1, 'bad' => 2, 'good' => 3, 'strong' => 4 ); if ( rgar( $levels, $strength, 0 ) < $levels[ $this->minPasswordStrength ] ) { $this->failed_validation = true; $this->validation_message = empty( $this->errorMessage ) ? sprintf( esc_html__( 'Your password does not meet the required strength. %sHint: To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ %% ^ & ).', 'gravityforms' ), '
' ) : $this->errorMessage; } } } /** * Calculate the password score using PHP when not passed by JS. * * @since 2.4.11 * * @see gravityforms.js gformPasswordStrength() JS code * * @param string $password The password that should be checked. * * @return string blank|short|bad|good|strong */ protected function get_password_strength( $password = '' ) { $symbol_size = 0; $strlen = GFCommon::safe_strlen( $password ); if ( 0 >= $strlen ) { return 'blank'; } if ( $strlen < 4 ) { return 'short'; } if ( preg_match( '/[ 0 - 9 ] /', $password ) ) { $symbol_size += 10; } if ( preg_match( '/[ a - z ] /', $password ) ) { $symbol_size += 26; } if ( preg_match( '/[ A - Z ] /', $password ) ) { $symbol_size += 26; } if ( preg_match( '/[^a - zA - Z0 - 9]/', $password ) ) { $symbol_size += 31; } $natLog = log( pow( $symbol_size, $strlen ) ); $score = $natLog / log( 2 ); if ( 40 > $score ) { return 'bad'; } if ( 56 > $score ) { return 'good'; } return 'strong'; } public function get_field_input( $form, $value = '', $entry = null ) { if ( is_array( $value ) ) { $value = array_values( $value ); } $form_id = $form['id']; $is_entry_detail = $this->is_entry_detail(); $is_form_editor = $this->is_form_editor(); $is_admin = $is_entry_detail || $is_form_editor; $id = (int) $this->id; $field_id = $is_entry_detail || $is_form_editor || $form_id == 0 ? "input_$id" : 'input_' . $form_id . "_$id"; $size = $this->size; $class_suffix = $is_entry_detail ? '_admin' : ''; $class = $this->is_confirm_input_enabled() ? '' : $size . $class_suffix; // Size only applies when confirmation is disabled. $class = esc_attr( $class ); $form_sub_label_placement = rgar( $form, 'subLabelPlacement' ); $field_sub_label_placement = $this->subLabelPlacement; $is_sub_label_above = $field_sub_label_placement == 'above' || ( empty( $field_sub_label_placement ) && $form_sub_label_placement == 'above' ); $sub_label_class_attribute = $field_sub_label_placement == 'hidden_label' ? "class='hidden_sub_label screen-reader-text'" : ''; $disabled_text = $is_form_editor ? 'disabled="disabled"' : ''; $first_tabindex = $this->get_tabindex(); $last_tabindex = $this->get_tabindex(); $strength_style = ! $this->passwordStrengthEnabled ? "style='display:none;'" : ''; $strength_indicator_label = esc_html__( 'Strength indicator', 'gravityforms' ); $strength = $this->passwordStrengthEnabled || $is_admin ? "

{$strength_indicator_label}

" : ''; $action = ! $is_admin ? "gformShowPasswordStrength(\"$field_id\");" : ''; $onchange = $this->passwordStrengthEnabled ? "onchange='{$action}'" : ''; $onkeyup = $this->passwordStrengthEnabled ? "onkeyup='{$action}'" : ''; $confirmation_value = rgpost( 'input_' . $id . '_2' ); $password_value = is_array( $value ) ? $value[0] : $value; $password_value = esc_attr( $password_value ); $confirmation_value = esc_attr( $confirmation_value ); $enter_password_field_input = GFFormsModel::get_input( $this, $this->id . '' ); $confirm_password_field_input = GFFormsModel::get_input( $this, $this->id . '.2' ); $enter_password_label = rgar( $enter_password_field_input, 'customLabel' ) != '' ? $enter_password_field_input['customLabel'] : esc_html__( 'Enter Password', 'gravityforms' ); $enter_password_label = gf_apply_filters( array( 'gform_password', $form_id ), $enter_password_label, $form_id ); $confirm_password_label = rgar( $confirm_password_field_input, 'customLabel' ) != '' ? $confirm_password_field_input['customLabel'] : esc_html__( 'Confirm Password', 'gravityforms' ); $confirm_password_label = gf_apply_filters( array( 'gform_password_confirm', $form_id ), $confirm_password_label, $form_id ); $required_attribute = $this->isRequired ? 'aria-required="true"' : ''; $invalid_attribute = $this->failed_validation ? 'aria-invalid="true"' : 'aria-invalid="false"'; $enter_password_placeholder_attribute = GFCommon::get_input_placeholder_attribute( $enter_password_field_input ); $confirm_password_placeholder_attribute = GFCommon::get_input_placeholder_attribute( $confirm_password_field_input ); $visibility_toggle_style = ! $this->passwordVisibilityEnabled ? " style='display:none;'" : ''; $enter_password_toggle = $this->passwordVisibilityEnabled || $is_admin ? "" : ""; $confirm_password_toggle = $this->passwordVisibilityEnabled || $is_admin ? "" : ""; $aria_describedby = $this->get_aria_describedby(); if ( $is_form_editor ) { $confirm_style = $this->is_confirm_input_enabled() ? '' : "style='display:none;'"; if ( $is_sub_label_above ) { return "

{$enter_password_label} {$enter_password_toggle} {$confirm_password_label} {$confirm_password_toggle}

{$strength}"; } else { return "

{$enter_password_toggle} {$enter_password_label} {$confirm_password_toggle} {$confirm_password_label}

{$strength}"; } } if ( $this->is_confirm_input_enabled() ) { if ( $is_sub_label_above ) { return "

{$enter_password_label} {$enter_password_toggle} {$confirm_password_label} {$confirm_password_toggle}

{$strength}"; } else { return "

{$enter_password_toggle} {$enter_password_label} {$confirm_password_toggle} {$confirm_password_label}

{$strength}"; } } else { $class = esc_attr( $class ); return "

{$enter_password_toggle}

{$strength}"; } } public function get_field_label_class(){ return 'gfield_label gfield_label_before_complex'; } public function get_value_save_entry( $value, $form, $input_name, $lead_id, $lead ) { /** * A filter to allow the password to be encrypted (default set to false) * * @param bool Whether to encrypt the Password field with true or false * @param array $form The Current Form Object */ $encrypt_password = apply_filters( 'gform_encrypt_password', false, $this, $form ); if ( $encrypt_password ) { $value = GFCommon::openssl_encrypt( $value ); GFFormsModel::set_openssl_encrypted_fields( $lead_id, $this->id ); } return $value; } /** * @deprecated 2.4.16 * * @param $entry * @param $form */ public static function delete_passwords( $entry, $form ) { $password_fields = GFAPI::get_fields_by_type( $form, array( 'password' ) ); $field_ids = array(); $encrypted_fields = GFFormsModel::get_openssl_encrypted_fields( $entry['id'] ); foreach ( $password_fields as $password_field ) { $field_ids[] = $password_field->id; GFAPI::update_entry_field( $entry['id'], $password_field->id, '' ); $key = array_search( $password_field->id, $encrypted_fields ); if ( $key !== false ) { unset( $encrypted_fields[ $key ] ); } } if ( empty( $encrypted_fields ) ) { gform_delete_meta( $entry['id'], '_openssl_encrypted_fields' ); } else { gform_update_meta( $entry['id'], '_openssl_encrypted_fields', $encrypted_fields ); } } /** * Removes the "for" attribute in the field label. * Inputs are only allowed one label (a11y) and the inputs already have labels. * * @since 2.4 * * @param array $form The Form Object currently being processed. * * @return string */ public function get_first_input_id( $form ) { return $this->is_confirm_input_enabled() ? '' : parent::get_first_input_id( $form ); } /** * Determines if the Confirm Password input is enabled. * * @since 2.4.15 * * @return bool */ private function is_confirm_input_enabled() { // Get Confirm Password input. $confirm_input = GFFormsModel::get_input( $this, $this->id . '.2' ); return isset( $confirm_input['isHidden'] ) ? ! $confirm_input['isHidden'] : true; } /** * Passwords are not saved to the database and won't be available in the runtime $entry object unless we stash and * rehydrate them into the $entry object after it has been retrieved from the database. * * @since 2.4.16 * * @param $form */ public static function stash_passwords( $form ) { foreach( $form['fields'] as $field ) { /* @var GF_Field $field */ if ( $field->get_input_type() == 'password' ) { self::$passwords[ $field->id ] = $field->get_value_submission( rgpost( 'gform_field_values' ) ); } } } /** * Hydrate the stashed passwords back into the runtime $entry object that has just been saved and retrieved from the * database. * * @since 2.4.16 * * @param $entry * * @return array $entry */ public static function hydrate_passwords( $entry ) { foreach( self::$passwords as $field_id => $password ) { $entry[ $field_id ] = $password; } // Reset passwords so they are not available for the next submission in multi-submission requests (only possible via API). self::$passwords = array(); return $entry; } } GF_Fields::register( new GF_Field_Password() );