Thank you for looking into this. I've a made a workaround using a workflow to clear out and mask the records.
Gavin
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using Umbraco.Forms.CodeFirst;
using Umbraco.Forms.Core;
using Umbraco.Forms.Core.Enums;
using Umbraco.Forms.Core.Providers.FieldTypes;
using Umbraco.Forms.Core.Providers;
using Umbraco.Forms.Core.Providers.WorkflowTypes;
using Umbraco.Forms.Data.Storage;
namespace Application.Web.ContourExtended.WorkFlowType
{
[Workflow("Secure WorkFlow", FormState.Approved)]
public class SecureWorkFlow : WorkflowBase
{
public override WorkflowType Type
{
get
{
return new Application.Web.ContourExtended.WorkFlowType.SecureSavedRecords { };
}
}
}
public class SecureSavedRecords : Umbraco.Forms.Core.WorkflowType
{
public SecureSavedRecords()
{
this.Name = "Delete Saved Records Workflow";
this.Id = new Guid("D6A2C406-CF89-11DE-B075-55B055D85592");
this.Description = "This will save an entry securely";
}
public override WorkflowExecutionStatus Execute(Umbraco.Forms.Core.Record record, RecordEventArgs e)
{
List<object> l = new List<object>();
l.Add("XXXX");
//we can then iterate through the fields
foreach(var k in record.RecordFields.Keys){
record.RecordFields[k].Values = l;
System.Diagnostics.Debug.WriteLine("Record Value:" + record.RecordFields[k].ValuesAsString());
}
//If we altered a field, we can save it using the record storage
RecordStorage store = new RecordStorage();
store.UpdateRecord(record, e.Form);
store.UpdateRecordXml(record, e.Form);
store.Dispose();
System.Diagnostics.Debug.WriteLine("Record Updated.");
/// This function below deletes passed stored Forms!!!!!
var allEntries = Contour.Addons.DynamicObjects.Library.GetRecordsFromForm(e.Form.Id.ToString());
if (allEntries.Items.Count() > 0)
{
Umbraco.Forms.Data.Storage.RecordStorage recordStorage = new Umbraco.Forms.Data.Storage.RecordStorage();
foreach (var entry in allEntries.Items)
{
if (record.Id != new Guid(entry.Id))
{
try
{
Record f = recordStorage.GetRecord(new Guid(entry.Id));
var r = new Umbraco.Forms.Core.Services.RecordService(f);
r.Delete();
System.Diagnostics.Debug.WriteLine("Form Records Deleted!");
r.Dispose();
}
catch
{
System.Diagnostics.Debug.WriteLine("Catch couldn't delete all records");
}
}
}
recordStorage.Dispose();
}
return WorkflowExecutionStatus.Completed;
}
public override List<Exception> ValidateSettings()
{
List<Exception> exceptions = new List<Exception>();
return exceptions;
}
}
Contour.CodeFirstExample Login stores in password clear text.
Hi,
I'm using Umbraco 4.11.8 with Contour 3.0.15 to create a Login Form.
However I've noticed the login and password are being stored in clear text in the UFRecordDataString table.
Is there anyway to prevent this ?
I’ve tried the option StoreRecordsLocally=false but that does seem to effect it. I don't need the record stored at all in the database.
Thanks,
Gavin
No answer on this, maybe I'm doing something wrong or this is a serious security issue. Any ideas?
Thanks,
Gavin
Comment author was deleted
Yeah setting StoreRecordsLocally=false should prevent it from adding
Might be a bug then, looking into it
Hi Tim,
Thank you for looking into this. I've a made a workaround using a workflow to clear out and mask the records.
Gavin
using System; using System.Collections.Generic; using System.Linq; using System.Web;
using Umbraco.Forms.CodeFirst; using Umbraco.Forms.Core; using Umbraco.Forms.Core.Enums; using Umbraco.Forms.Core.Providers.FieldTypes; using Umbraco.Forms.Core.Providers; using Umbraco.Forms.Core.Providers.WorkflowTypes;
using Umbraco.Forms.Data.Storage;
namespace Application.Web.ContourExtended.WorkFlowType { [Workflow("Secure WorkFlow", FormState.Approved)] public class SecureWorkFlow : WorkflowBase { public override WorkflowType Type { get { return new Application.Web.ContourExtended.WorkFlowType.SecureSavedRecords { }; } } }
}
Comment author was deleted
Ok :) but will make sure the StoreRecordsLocally does what it is supposed to do :)
Comment author was deleted
Issue here if you want to keep track of it http://issues.umbraco.org/issue/CON-480
is working on a reply...