Project

General

Profile

Actions
Copy link

Bug #91970

closed

TCA eval saltedPassword can return null, behaving different than the old BackendEvaluator of ext:saltedpasswords which only returned string, leading to SQL errors

Added by Stefan P over 3 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
DataHandler aka TCEmain
Target version:
-
Start date:
2020-08-11
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
9
PHP Version:
Tags:
Complexity:
no-brainer
Is Regression:
No
Sprint Focus:
Remote Sprint

Description

We have a custom field that uses the ext:saltedpasswords BackendEvaluator TCA validation to create salted passwords on a custom field.

After upgrading to v9 we switched to saltedPassword evaluation. This works for required fields, but not for optional fields in case an empty password is provided.

The old evaluator just returned the empty string if the entered password was empty. The new saltedPassword evaluation returns null however for empty strings. Which can lead to SQL errors if the column is defined as NOT NULL.

Our workaround is to explicitly trim after saltedPassword:

'eval' => 'password, saltedPassword, trim'

Either the new eval should be changed to return ?? '' or the new behaviour must be documented in the TCA docs.

(We use pbkdf2 if this matters.)

Actions
Copy link

Also available in: Atom PDF