0

When I change password on user profile page, changes are applies but password field always set with old password that I have used for login.

New password will works only if I don't try to change something else on profile page.

If I try, old password also save to db instead of new.

To prevent this, I tried to set:

  1. 'attr' => array('autocomplete' => 'off') for password field in my UserType
  2. Also I tried to set 'always_empty' => true
  3. Both of these options
  4. force transform() method to return empty string in my DataTransformer for password field
  5. Tried to turn off autocomplete for form in twig

All this variants not work. What can I do else?

Any help will be appreciated! Thanks!

Disable browser 'Save Password' functionality not solve my problem, because currently I want to know, how to avoid this problem in Symfony without using javascript.

Community
  • 1
  • 1
Sergio Ivanuzzo
  • 1,820
  • 4
  • 29
  • 59
  • Possible duplicate of [Disable browser 'Save Password' functionality](http://stackoverflow.com/questions/32369/disable-browser-save-password-functionality) – Alain Tiemblo Nov 09 '15 at 07:21
  • 1
    This problem occurs because you chosen to "Remember password" in your browser. As such, your browser will autocomplete the password even if the autocomplete option is set to "off". [This answer](http://stackoverflow.com/a/23927796/731138) looks to be the way to go. – Alain Tiemblo Nov 09 '15 at 07:21
  • @AlainTiemblo thanks for comment. I know about remember password in browser. But this not mean that every user of my application must turn off this option. I also know that I can fix this issue with javascript. But currently I want to know, how to solve this using Symfony. – Sergio Ivanuzzo Nov 09 '15 at 07:37
  • @SergioIvanuzzo Check the source code of your page - if there is a `value` attribute on your password field that contains a password, this means that Symfony is the culprit. If there isn't any value in the source code, this means the password is being filled by the browser or JavaScript, in which case what @AlainTiemblo says is correct. – John Noel Nov 09 '15 at 09:46
  • @JohnNoel yes, the problem exists because browser remembers the password and pass it to the field. And in my mind, autocomplete option should prevent this, but not. So, do you mean that only way to fix this is using javascript? – Sergio Ivanuzzo Nov 09 '15 at 09:55
  • 2
    @SergioIvanuzzo You are trying to "fix" something that isn't broken - this is a browser UI/UX decision by the user. You are effectively trying to override something that a user has decided they are happy with (remembering the password for a site) which, yes JavaScript will be able to sort, but you will frustrate the user because of it. – John Noel Nov 09 '15 at 09:59
  • thanks all for explanation! – Sergio Ivanuzzo Nov 09 '15 at 13:10

0 Answers0