Password Field

Hello,

I have downloaded and tested your module, this is in-fact a great module which can be used for these purposes as well, which I feel you may add to your description.

This module is highly useful when I want to provide security to my node content, ex- If I have a content type for videos and I would like the contents to be viewed only by the authorized users, this module is really handy there. It provides the flexibility for the content driven websites to allow there users to create secure content.

however in order to password protect the node page, we may need few more lines of code.

--

From my experience, I have reviewed the code structure as well and feel that the module has adhere all the coding structure and is upto the mark. I have n't found any unnecessary code in this module.

Suggestion :- But personal
--------------------------

I would rather love to name the label as : Encrypted password, just as I was a bit confused is the Password option coming here is for this module or not.

Add two lines of comment above the "PASSWORD_FIELD_SALT" definition, as most beginners gets confused weather it would be ideal to change it or not, however you have mentioned every thing nicely in your project description.

I would suggest /*This is SALT which will be used while encrypting/decrypting the password, it is strongly recommended to change the value of this constant. NOTE that you must do this BEFORE you create any instances of password fields though, as the module will no longer be able to decrypt previously stored data.*/

I hope others will also do a code review and provide suggestions.

Thanks ! Very nice module !

Hello,

Great module you have. I have downloaded, installed and tested with some data and it's works well.
Your code is clean and understandable.

I agree with the comment from dharam1987, your project could call something like encripted field because it's good to save any field in a encrypted form.

I still have one sugestion for future implementation:

• What do you think about use de one field as a key to encrypt all content of the node? It could be very usefull to apply to secret information.

Hello

I have downloaded, installed and tested and it's works well.

I create a field (field_password) on Article type, creating a node and via hook_node_view (following module documentation ) testing if the password value is back and it does

I agree too the recomendation about give more information about PASSWORD_FIELD_SALT

Also recommend create password_field.admin.inc and a form where priveleged users could set PASSWORD_FIELD_SALT value, for example at admin/config/development/password_field

Anyway great work!!!!

Thank you for your reviews jrsinclair! When finishing your review comment also set the issue status either to "needs work" (you found some problems with the project) or "reviewed & tested by the community" (you found no flaws).

manual review:

1. why do you need the constant PASSWORD_FIELD_SALT? You should use drupal_get_hash_salt() or drupal_get_private_key() instead, which is not publicly available.
2. _password_field_encrypt(): hard coding to nodes? This field could be used on any entity type, so it would break there. And this look quite hacky - I'm not sure you should be doing this in a validation function. Is there no better way to retrieve the old field value?

So I think the first point is a security blocker, otherwise this looks nearly RTBC to me. Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.

Please add all your reviews to the issue summary and be proud of the community service your are doing here. It is much appreciated :-)

manual review:

1. "$fld_instnc": do not shorten variable names, as this is harder to read than a slightly longer name.
2. "compact('field_name', 'langcode', 'delta', 'entity_type')": compact()? Really? Why not just "array($field_name, $langcode, $delta, $entity_type)" which is even shorter?

Anyway, just minor stuff, RTBC now. Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.

Adding review links

Hello,

Great work on the module. It is very useful for my current projects.
It works really well and the code is nice and clean.

Adding additional review links.

no objections in more than a week, so ...

Thanks for your contribution, jrsinclair!

I updated your account to let you promote this to a full project and also create new projects as either a sandbox or a "full" project.

Here are some recommended readings to help with excellent maintainership:

• Dries' post on Responsible maintainers
• Best practices for creating and maintaining projects
• Maintaining a drupal.org project with Git
• Commit messages - providing history and credit
• Release naming conventions.
• Helping maintainers in the issue queues

You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and get involved!

Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.

Thanks to the dedicated reviewer(s) as well.