[OPEN-ILS-DEV] OPAC renew password - remove current password

Mon Dec 10 12:29:33 EST 2012

While reviewing the OPAC login, our libs found that patrons become confused when changing their passwords. On the Change screen, Current Password is already filled with dots and the New Password and Retype Password are blank. Patrons go directly to the New Password line and change it. I think they're supposed to have to type in the Current Password. This prevents sonmeone who gains access to another user's account.

I did check this issue, and it seems this problem happens with Firefox browser when libs staff accepted browser to remember their username and password to login next time. So whenever the user go to change password, the current password textbox will be filled automatically by the Autocomplete feature of Firefox. Autocomplete is a nice feature which fills in common form fields automatically for the user. However, in this case, you don’t want this to happen.

Note: IE and Chrome work fine with this issue. They don't auto-filled the current password textbox.

Anyway, since it happens with Firefox (one of the most popular browser), I fixed this issue by inserting a little javascript code at the bottom of the update_password.tt2 page beneath the form. The concept is basially to set a timeout a fraction of a second after the page loads which clears the current password field. Technically Firefox still populates the field, however this script code removes it almost instantly.

PS: This issue is caused with Change Email also. And the solution should be the same.
Our libs are using Evergreen 2.2.
I posted this bug at: https://bugs.launchpad.net/evergreen/+bug/1088561
Hopefully this help some libs that get the same problem.

==========☺ ♥ ♫ ☺ ♥ ♫ ☺ ♥ ♫ ☺ ♥ ♫ ☺ ==========
Hieu Mai (Simon)
Systems Developer - PALS
A Program of the Minnesota State Colleges and Universities
Email: hieu.mai at mnsu.edu<mailto:hieu.mai at mnsu.edu> (master.simon21 at yahoo.com<mailto:master.simon21 at yahoo.com>)
 "Every day may not be good… but there’s something good in every day"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://libmail.georgialibraries.org/pipermail/open-ils-dev/attachments/20121210/e571c414/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Sample of OPAC Password change_A5A2_4837.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 43076 bytes
Desc: Sample of OPAC Password change_A5A2_4837.docx
URL: <http://libmail.georgialibraries.org/pipermail/open-ils-dev/attachments/20121210/e571c414/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: update_password.tt2-fixed.diff
Type: application/octet-stream
Size: 579 bytes
Desc: update_password.tt2-fixed.diff
URL: <http://libmail.georgialibraries.org/pipermail/open-ils-dev/attachments/20121210/e571c414/attachment-0001.obj>