Client-side scripting, password fields

Does anyone know how to read a client side password textbox on submission of a form (or at any other time).

I am trying to develop a 'change password' form that has strict rules such as upper case, alpha and numeric.

In version 7, you simply accessed a client side field using the value property i.e. txtNewPassword.value. This would give you the unencrypted, client side value of the field. This no longer works. The field now does not have a value property.

I would love to be able to make this a server side function. But this isn't possible as by the time it is server side, it is MD5 encrypted. My only last point of call would be to make the field something other than a password type and script the masking seperately, but this would then introduce a security flaw.

As an aside, is there a server / client side scripting document yet? It would be useful to know the available functions...

Find more posts tagged with

BPM

Comments

Kevin Manuel

You can get the value of the password field using client side Javascript before the MD5 encoding by accessing the HTML object of the field name + "_Editor"

Example where your password field name is Text1:

var pwdvalue = document.getElementById("Text1_Editor").value;

Jerome_Pearce

This is definitely a bug, and should be reported as such. It does make functionality that was simple in version 7 impossible without unsupported (and bound to break) hacks.

Nils Wyldbore wrote:

As an aside, is there a server / client side scripting document yet? It would be useful to know the available functions...

The client scripting is very limited, and fully documented in the manual / help files. I have compiled the functionality as of 9.1 with references to the version 7 functions replaced:

http://processmapping.com.au/freestuff/MetastormBPM9Functions/index.html