Manual:Hooks/AuthChangeFormFields/de

• $requests - array of AuthenticationRequests the fields are created from
• $fieldInfo - field information array (union of all AuthenticationRequest::getFieldInfo() responses).
• &$formDescriptor - HTMLForm descriptor. The special key weight can be set to change the order of the fields.
• $action - Einer der AuthManager::ACTION_*-Konstanten.

$formDescriptor will contain the definition of the HTMLForm (the descriptor array that will be passed to the HTMLForm constructor); the hook allows modifying it. The form field names (array keys) will match the field names in the requests. $fieldInfo ist das Ergebnis von AuthenticationRequest::mergeFieldInfo( $requests ).

Caveats:

• Changing the requests is not allowed.
• Adding fields which take data is not allowed (adding info fields is fine). Use an authentication provider's getAuthenticationRequests() method to add new fields.
• Any validation, permission check or other business logic in the hook can be trivially circumvented by using the API. Business logic should be in the providers.
• Any vital information must be made available via the API as well. If it's for users (e.g. the text of a CAPTCHA) use a null field in AuthenticationRequest::getFieldInfo() (which can be hidden/changed for the web UI from this hook if needed). If it's for machines (e.g. the public API key for the CAPTCHA) use AuthenticationRequest::getMetadata().

The hook is primarily meant to enhance fields defined by a provider in the same extension (e.g. change a textfield into a typeahead or other interactive widget), change the position of the widget and provide help links or other extra information. Changing form fields belonging to core or other extensions is allowed but should preferably be avoided as it makes the code more fragile.

• Handbuch: SessionManager und AuthManager
• Manual:SessionManager and AuthManager/Adding fields to the registration form