TweetFollow Us on Twitter

Password
Volume Number:7
Issue Number:7
Column Tag:C Workshop
Related Info: Dialog Manager

Password Dialogs

By Bill Schilit, New York, NY

Note: Source code files accompanying article are located on MacTech CD-ROM or source code disks.

Making a Password Dialog

Bill Schilit has been programming the Macintosh since the days of the 128K. He co-authored Macintosh Kermit, and the CAP Appletalk-Unix File Server. Bill is currently a graduate student at Columbia University’s Computer Science department.

This article describes how to program a dialog with a non-displaying “password” field. In this type of dialog, when the user types in his or her password all they see are bullet characters (“•”) -- because you never know who may be looking over your shoulder.

The password field of the dialog must handle delete, backspace, and replacement of the text selection. Basically, even though you can’t see the characters being entered you want it to act like a normal Text Edit field. One nice solution to the problem is to create an offscreen TE field to hold the plain text password while the dialog TE field holds the bullets.

The Login Dialog

In the program below, LoginDialog() is called to display the dialog box, it returns the user name and password entered by the user. The filter procedure, LoginFilter() does the real work here: it checks the name and password lengths, keeps the offscreen TE record up to date, and exchanges the password character with a bullet.

LoginDialog() first loads the dialog from the resource file and then calls SetPort() to set the GrafPort to the dialog window. SetPort is required for TENew() a few lines below, since TextEdit remembers the GrafPort for you. The destination and view rectangles we supply to TENew() are outside of the dialog window, so we never actually see this TE field. After creating the invisible text edit field, a pointer to it is stored in the dialog window via SetWRefCon() so that the filter procedure has access to it.

The rest of LoginDialog() is fairly standard. The procedure loops until the user types the OK button at which point the user name and password fields are copied for the caller. Within the dialog loop the OK button is enabled or disabled -- if the password and username have some type in then OK is enabled, otherwise it is disabled.

Figure 1. Password Dialog Box

The Login Filter

LoginFilter() is the standard filter procedure called by our modal dialog. If you remember your Inside Mac then you know that returning TRUE from the filter proc means we have handled the event, and the item number is in itemHit. Returning FALSE lets ModalDialog process the event. Our filter proc is only concerned with keyboard events, so the first line in procedure LoginFilter causes a return on all other types of events.

The next task in LoginFilter() is to handle the characters tab and return (tab moves to the next field and return is the same as the default button). The filter returns here if either of these characters was typed.

The filter procedure now does the work of checking field lengths and setting those bullets. The dialog’s text edit handle and the editField tell us which field is getting type in and how large the current edit record is. We first check that adding the character will not push us past the password or user name size limit, if so the filter gives a beep and ignores the character. Notice that the auxiliary routine we call to check the length of the text edit field given the new character is smart about checking for deletes, backspace, and selection replacements.

When the character is destined for the password item we do our final manipulations. The handle to our invisible text edit record is fetched from the dialog refCon, and the selection (and insertion point) are set to be exactly the same as in the password field. TEKey() is called to insert the character into our invisible text edit. Now, unless the character is a delete or backspace, the character in the event record is replaced by a bullet. We return to ModalDialog telling it to handle the event with the now obscured character for the password field. When the dialog is complete, the password is available from the invisible text edit field.

LOGIN DIALOG.C

/*
 * Login Dialog.c - Dialog for User Login.
 *
 * Copyright (c) 1988 by Bill Schilit.
 *
 * Edit History:
 *
 *  April 23, 1988      Schilit    Created
 *  May 9, 1988         Schilit    Clean up
 *
 */

/* Includes MacHeaders */

#include “Login Dialog.h”

/* Prototypes */

static int 
TELengthCheck(TEPtr te,char c,int maxLen);

static void
TECpyText(TEHandle teH,Ptr p);

pascal Byte 
LoginFilter(DialogPtr dPtr,
        EventRecord *ePtr,short *iHit);

/*
 * LDialogStg contains the global vars used 
 * by the filter proc and user item procs in
 * our login dialog. A pointer to the 
 * LDialogStg is stored in the window refcon
 * of the dialog window.
 */

typedef struct {
    TEHandle passTeH;
} LDialogStg, *LDialogStgPtr;

/*
 * static Byte 
 *  LoginFilter(DialogPtr theDialog,
 *              EventRecord *theEvent,
 *              int *itemHit);
 *
 * Modal dialog filter to echo bullet 
 * (‘\245’) instead of the user’s password
 * and to limit the number of characters in
 * both the user name and password edit
 * records.
 */

static pascal Byte
LoginFilter(theDialog,theEvent,itemHit)
DialogPtr theDialog;
EventRecord *theEvent;
short *itemHit;
{
    register char c;
    int field,tooBig;
    TEPtr tePtr;
    LDialogStg *ldStg;
    
    /* we’re only interested in keyboard 
     * events. If not a key, let modal 
     * process as usual
     */
     
    if (theEvent->what != keyDown && 
        theEvent->what != autoKey)
            return(false);
    
    /* fetch the character from the
     * event message 
     */    

    c = theEvent->message & charCodeMask;
    
    /* Check for CR and convert to OK button.
     * Check for TAB and let it pass.
     */
     
    if (c == CR) {
        *itemHit = OK;
        return(true);
    }
    
    if (c == ‘\t’)
        return(false);

    /* make sure the edit text item is one
     * we are interested in and check to see
     * if the length is not too large.
     */
     
    field = 
      ((DialogPeek) theDialog)->editField+1;
    
    tePtr = 
      *(((DialogPeek) theDialog)->textH);

    /* User is typing in the nameItem -- 
     * our only interest is the size 
     */
    
    if (field == nameItem) {
        tooBig = 
          TELengthCheck(tePtr,c,MAXNAME);

     /* give a beep if too big, and return
      * TRUE to ignore the event.
      */
      
        if (tooBig)
            SysBeep(1);   
        return(tooBig);   
    }
    
    /* If typing into the password, check the
     * size, then diddle the character so 
     * bullet (\245) shows up instead of what
     * the user typed.
     */
     
    if (field == passwdItem) {
        if (TELengthCheck(tePtr,c,MAXPWD)) {
            SysBeep(1);
            return(true);
        }
        
   /* Insert the char into our private
     * password text edit record. First
     * set the text selection so action
     * mimicks exactly what user is 
     * selecting and typing in passwdItem
     * text edit field.
     */
    
        ldStg = (LDialogStg *) 
          GetWRefCon(theDialog);
          
        if (ldStg == 0)
            return(false);
            
        TESetSelect(tePtr->selStart,
                    tePtr->selEnd,
                    ldStg->passTeH);
                    
        TEKey(c,ldStg->passTeH);
    
        /* unless BS or DEL, replace the
         * password character with bullet 
         */

        if (c != DEL && c != BS)
            theEvent->message = ‘\245’ | 
            (theEvent->message & 
              ~charCodeMask);
        return(false);       /* return ok */
    }
    
    return(false);           /* all other items */
    
}    

/*
 * static int 
 * TELengthCheck(tePtr te,char c,int maxLen)
 *
 * Check that adding character c to the text
 * edit te does not cause more than maxLen
 * chars in the text edit item:
 *
 * 1) If delete or backspace then length will
 *    decrease so ok.
 * 2) If a selection range of 1 or more chars 
 *    then same as above.
 * 3) Finally just check the length of the 
 *    edit item. 
 *
 *
 * Returns: FALSE if OK, TRUE if too large.
 *
 */
 
static int
TELengthCheck(te,c,maxLen)
TEPtr te;
char c;
int maxLen;
{

   /* this char a del or bs */
   /*  if so, does not increase */
 
    if (c == DEL || c == BS)
        return(false);       

    /* selected a region? */
    /* if so, then does not increase */
    
    if (te->selStart < 
        te->selEnd)           
        return(false);      
   
   /* else will insert, check length */
      
    if (te->teLength < maxLen) 
        return(false);
    
    return(true);
}

/*
 * static void TECpyText(TEHandle teH,Ptr p)
 *
 * Fetch the text from the text edit handle
 * and store as a pascal string in Ptr p.
 *
 * NB: This only works if the TE text is less
 * than 255 characters (a pascal string 
 * limit) so be careful.
 *
 */
 
static void
TECpyText(teH,p)
TEHandle teH;
Ptr p;
{
    p[0] = (unsigned char) (*teH)->teLength;
    BlockMove(*(*teH)->hText,&p[1],p[0]);
}

/*
 * LoginDialog(char *uName,*uPassword)
 *
 * Perform a login dialog and return the user
 * name and password in uName and uPassword.
 *
 * The dialog has a special filter procedure
 * which echos bullet characters in the
 * password field.
 * 
 * The length of the username and password
 *  are limited to MAXNAME and MAXPWD.
 * 
 * Note: we do not issue ParamText() since 
 * this affects other dialogs on the screen.
 * 
 */
 
LoginDialog(uName,uPasswd)
char *uName,*uPasswd;
{
    DialogPtr d;
    short itemHit;
    Rect aRect;
    int theKind;
    Handle nameHdl,okHdl;
    Boolean okOK = false;
    LDialogStg LDStg;
    

    d = GetNewDialog(LOGIN_DLOG,
                     (Ptr) 0,(Ptr) -1);
                     
    if (d == 0)
        return;
  
    /* make it the current port */          
  
    SetPort(d);         
    
    /* Make an offscreen rect for the text
     * edit to hold the plain text of the
     * entered password.
     * 
     * The dialog edit text for the password
     * will get “•” for each character typed.
     */
     
    SetRect(&aRect,0,0,1,1);
    OffsetRect(&aRect,
                d->portRect.right,
                d->portRect.bottom);
    
    LDStg.passTeH = TENew(&aRect,&aRect);
    
    /* Set the window data to be a pointer
     * to storage needed by filter procedure.
     */
     
    SetWRefCon(d,(long) &LDStg);
  /* Get handles for Name field and 
     * OK Button 
     */
        
    GetDItem(d,nameItem,&theKind,
             &nameHdl,&aRect);
    GetDItem(d,okItem,&theKind,
             &okHdl,&aRect);
    
    ShowWindow(d);
    
    while (!(okOK && itemHit == okItem)) {
        
        /* Set okOK to true if password and
         * name fields both have more than
         * one character. Enable/Disable the
         * OK button accordingly.
         */
         
        GetIText(nameHdl,uName);
        okOK = 
          (*LDStg.passTeH)->teLength > 0 &&
           uName[0] > 0;
                
        HiliteControl((ControlHandle) okHdl,
                      okOK ? 0 : 255);
        
        ModalDialog(LoginFilter,&itemHit);
    }
    
    /* Store the password and username
     *  for the caller then clean up.
     */
    
    TECpyText(LDStg.passTeH,uPasswd);
    GetIText(nameHdl,uName);

    DisposDialog(d);    
    TEDispose(LDStg.passTeH);
}

LOGIN MAIN.C

/*
 * Login Main.c - Main for Login Example.
 * This program built under LSC 3.0
 * Copyright (c) 1988 by Bill Schilit.
 * Edit History:
 *  April 23, 1988     Schilit    Created
 *  May 9, 1988        Schilit    Clean up
 */

/* MacHeaders included */

#include “Login Dialog.h”

#define ALERTID 128

main()
{    
    char User[255];
    char Password[255];
    
    InitGraf(&thePort);
    InitFonts();
    InitWindows();
    InitMenus();
    TEInit();
    InitDialogs(0);
    FlushEvents(everyEvent,0);
    InitCursor();
            
    /* Show the login dialog box and
     * repeat until the user types
     * the matching password.
     */
     
    for (;;) {
    
        /* Call LoginDialog to get user name 
         * and password.
         */
        
        LoginDialog(User,Password);
        
        /* Compare the entered password with
         * “swordfish” -- case doesn’t matter
         *  -- and exit if a match.
         */
         
        if (EqualString(Password,
                        “\pSwordFish”,
                        false,false))
            ExitToShell();
            
        /* No match, show our alert box with
         * a hint, and repeat the process.
         */
         
        ParamText(User,0,0,0);
        Alert(ALERTID,(ProcPtr) 0);
    }
}
LOGIN DIALOG.H

/*
 * Login Dialog.h - Definitions for 
 *                   Login Dialog.
 * This program built under LSC 3.0
 * Copyright (c) 1988 by Bill Schilit.
 * Edit History:
 *    April 23, 1988     Schilit   Created
 *    May 9, 1988        Schilit   Clean up
 */


#define LOGIN_DLOG 256

enum {           /* DITL for LOGIN_DLOG */
    okItem=1,    /* OK button */
    nameItem,    /* edit text name */
    passwdItem,  /* edit text password */
    myIconItem   /* the icon */
};

enum {           /* ASCII definitions */
    CR = 0x0d,
    DEL = 0x7f,
    BS = 0x08
};


  /* max chars in a password */
  
#define MAXPWD 10    

  /* max chars in a user name */
  
#define MAXNAME 12   

/* PROTOTYPES */

LoginDialog(char *uName,char *uPasswd);

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Latest Forum Discussions

See All

Six fantastic ways to spend National Vid...
As if anyone needed an excuse to play games today, I am about to give you one: it is National Video Games Day. A day for us to play games, like we no doubt do every day. Let’s not look a gift horse in the mouth. Instead, feast your eyes on this... | Read more »
Old School RuneScape players turn out in...
The sheer leap in technological advancements in our lifetime has been mind-blowing. We went from Commodore 64s to VR glasses in what feels like a heartbeat, but more importantly, the internet. It can be a dark mess, but it also brought hundreds of... | Read more »
Today's Best Mobile Game Discounts...
Every day, we pick out a curated list of the best mobile discounts on the App Store and post them here. This list won't be comprehensive, but it every game on it is recommended. Feel free to check out the coverage we did on them in the links below... | Read more »
Nintendo and The Pokémon Company's...
Unless you have been living under a rock, you know that Nintendo has been locked in an epic battle with Pocketpair, creator of the obvious Pokémon rip-off Palworld. Nintendo often resorts to legal retaliation at the drop of a hat, but it seems this... | Read more »
Apple exclusive mobile games don’t make...
If you are a gamer on phones, no doubt you have been as distressed as I am on one huge sticking point: exclusivity. For years, Xbox and PlayStation have done battle, and before this was the Sega Genesis and the Nintendo NES. On console, it makes... | Read more »
Regionally exclusive events make no sens...
Last week, over on our sister site AppSpy, I babbled excitedly about the Pokémon GO Safari Days event. You can get nine Eevees with an explorer hat per day. Or, can you? Specifically, you, reader. Do you have the time or funds to possibly fly for... | Read more »
As Jon Bellamy defends his choice to can...
Back in March, Jagex announced the appointment of a new CEO, Jon Bellamy. Mr Bellamy then decided to almost immediately paint a huge target on his back by cancelling the Runescapes Pride event. This led to widespread condemnation about his perceived... | Read more »
Marvel Contest of Champions adds two mor...
When I saw the latest two Marvel Contest of Champions characters, I scoffed. Mr Knight and Silver Samurai, thought I, they are running out of good choices. Then I realised no, I was being far too cynical. This is one of the things that games do best... | Read more »
Grass is green, and water is wet: Pokémo...
It must be a day that ends in Y, because Pokémon Trading Card Game Pocket has kicked off its Zoroark Drop Event. Here you can get a promo version of another card, and look forward to the next Wonder Pick Event and the next Mass Outbreak that will be... | Read more »
Enter the Gungeon review
It took me a minute to get around to reviewing this game for a couple of very good reasons. The first is that Enter the Gungeon's style of roguelike bullet-hell action is teetering on the edge of being straight-up malicious, which made getting... | Read more »

Price Scanner via MacPrices.net

Take $150 off every Apple 11-inch M3 iPad Air
Amazon is offering a $150 discount on 11-inch M3 WiFi iPad Airs right now. Shipping is free: – 11″ 128GB M3 WiFi iPad Air: $449, $150 off – 11″ 256GB M3 WiFi iPad Air: $549, $150 off – 11″ 512GB M3... Read more
Apple iPad minis back on sale for $100 off MS...
Amazon is offering $100 discounts (up to 20% off) on Apple’s newest 2024 WiFi iPad minis, each with free shipping. These are the lowest prices available for new minis among the Apple retailers we... Read more
Apple’s 16-inch M4 Max MacBook Pros are on sa...
Amazon has 16-inch M4 Max MacBook Pros (Silver and Black colors) on sale for up to $410 off Apple’s MSRP right now. Shipping is free. Be sure to select Amazon as the seller, rather than a third-party... Read more
Red Pocket Mobile is offering a $150 rebate o...
Red Pocket Mobile has new Apple iPhone 17’s on sale for $150 off MSRP when you switch and open up a new line of service. Red Pocket Mobile is a nationwide MVNO using all the major wireless carrier... Read more
Switch to Verizon, and get any iPhone 16 for...
With yesterday’s introduction of the new iPhone 17 models, Verizon responded by running “on us” promos across much of the iPhone 16 lineup: iPhone 16 and 16 Plus show as $0/mo for 36 months with bill... Read more
Here is a summary of the new features in Appl...
Apple’s September 2025 event introduced major updates across its most popular product lines, focusing on health, performance, and design breakthroughs. The AirPods Pro 3 now feature best-in-class... Read more
Apple’s Smartphone Lineup Could Use A Touch o...
COMMENTARY – Whatever happened to the old adage, “less is more”? Apple’s smartphone lineup. — which is due for its annual refresh either this month or next (possibly at an Apple Event on September 9... Read more
Take $50 off every 11th-generation A16 WiFi i...
Amazon has Apple’s 11th-generation A16 WiFi iPads in stock on sale for $50 off MSRP right now. Shipping is free: – 11″ 11th-generation 128GB WiFi iPads: $299 $50 off MSRP – 11″ 11th-generation 256GB... Read more
Sunday Sale: 14-inch M4 MacBook Pros for up t...
Don’t pay full price! Amazon has Apple’s 14-inch M4 MacBook Pros (Silver and Black colors) on sale for up to $220 off MSRP right now. Shipping is free. Be sure to select Amazon as the seller, rather... Read more
Mac mini with M4 Pro CPU back on sale for $12...
B&H Photo has Apple’s Mac mini with the M4 Pro CPU back on sale for $1259, $140 off MSRP. B&H offers free 1-2 day shipping to most US addresses: – Mac mini M4 Pro CPU (24GB/512GB): $1259, $... Read more

Jobs Board

All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.