added an optinal check for a save^tm password (criterias as in MS-Windows)

Cornelius Weiß 2006-03-13 21:56:28 +00:00
parent 97e05c8645
commit b97f701d05
6 changed files with 62 additions and 9 deletions


@ -298,9 +298,18 @@
{
list($forward,$extra_vars) = explode('?',$forward,2);
}
//echo "redirecting to ".$GLOBALS['egw']->link($forward,$extra_vars);
$GLOBALS['egw']->redirect_link($forward,$extra_vars);
// Check for save passwd
if($GLOBALS['egw_info']['server']['check_save_passwd'] && $GLOBALS['egw']->acl->check('changepassword', 1, 'preferences') && $unsave_msg = $GLOBALS['egw']->auth->crackcheck($passwd))
{
$GLOBALS['egw']->log->write(array('text'=>'D-message, User '. $login. ' authenticated with an unsave password','file' => __FILE__,'line'=>__LINE__));
$message = '<font color="red">'. lang('eGroupWare checked your password for saftyness. You have to change your password for the following reason:').'<br>';
$GLOBALS['egw']->redirect_link('/index.php', array('menuaction' => 'preferences.uipassword.change','message' => $message. $unsave_msg. '</font>'));
}
else
{
$GLOBALS['egw']->redirect_link($forward,$extra_vars);
}
}
}
else
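Review bot: The forced password change in the `crackcheck($passwd)` branch is only a redirect, so it is not enforced. The log text says the user is already "authenticated" at this point, and nothing visible in the hunk stops them from leaving `preferences.uipassword.change` and keeping the weak password. If the change is meant to be mandatory, the session needs a marker set here that other pages check and that is cleared only after a successful change. The branch also discards `$forward`/`$extra_vars`, and it sends the HTML-wrapped `$message` through the URL as the `message` parameter, where a short message key resolved on the target page would be safer. The enclosing block starts and ends outside the hunk.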


@ -240,6 +240,33 @@
return False;
}
/**
* Checks if a given password is "save"
*
* @param string $login
* @abstract atm a simple check in length, #digits, #uppercase and #lowercase
* could be made more save using e.g. pecl libary cracklib
* but as pecl dosn't tun on any platform and isn't GPL'd
* i havn't implemented it yet
* Windows compatible check is: 7 char lenth, 1 Up, 1 Low, 1 Num and 1 Special
* @author cornelius weiss<egw at von-und-zu-weiss.de>
* @return mixed false if password is considerd "save" or a string $message if "unsafe"
*/
function crackcheck($passwd)
{
if (!preg_match('/.{'. ($noc=7). ',}/',$passwd))
$message = lang('Password must have at least %1 characters',$noc). '<br>';
if(!preg_match('/(.*\d.*){'. ($non=1). ',}/',$passwd))
$message .= lang('Password must contain at least %1 numbers',$non). '<br>';
if(!preg_match('/(.*[[:upper:]].*){'. ($nou=1). ',}/',$passwd))
$message .= lang('Password must contain at least %1 uppercase letters',$nou). '<br>';
if(!preg_match('/(.*[[:lower:]].*){'. ($nol=1). ',}/',$passwd))
$message .= lang('Password must contain at least %1 lowercase letters',$nol). '<br>';
if(!preg_match('/(.*[\\!"#$%&\'()*+,-.\/:;<=>?@\[\]\^_ {|}~`].*){'. ($nol=1). ',}/',$passwd))
$message .= lang('Password must contain at least %1 special charactars',$nol). '<br>';
return $message ? $message : false;
}
/**
@function smd5_compare
@abstract compare SMD5-encrypted passwords for authentication
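Review bot: `$message` is never initialised in `crackcheck()`, so a password that passes the length test appends to an undefined variable, and one that passes every test reaches `return $message ? $message : false;` with `$message` unset; add `$message = '';` as the first statement. The docblock says `@param string $login` while the parameter is `$passwd`, and `$nol` is reused for the special-character count. The length test `/.{7,}/` has no `u` modifier, so it counts bytes rather than characters, and `.` does not match a newline. The class tests would be clearer as `preg_match('/\d/', $passwd)` than as the nested `(.*\d.*){1,}` form. In the special-character class, `\\!` yields an escaped `!`, so a backslash in the password is not counted as special.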


@ -70,6 +70,10 @@
{
$errors[] = lang('You must enter a password');
}
if($GLOBALS['egw_info']['server']['check_save_passwd'] && $error_msg = $GLOBALS['egw']->auth->crackcheck($n_passwd))
{
$errors[] = $error_msg;
}
if(is_array($errors))
{
@ -111,6 +115,7 @@
$GLOBALS['egw']->common->egw_header();
echo parse_navbar();
$GLOBALS['egw']->template->set_var('messages',$_GET['message']);
$GLOBALS['egw']->template->pfp('out','form');
$GLOBALS['egw']->common->egw_footer();
}
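Review bot: `set_var('messages',$_GET['message'])` in the second hunk writes a query-string value into the page with no escaping visible. The login change depends on that value carrying raw `<font>`/`<br>` markup, so any link to this page can supply its own markup or script through `message`. Escape at output with `set_var('messages', htmlspecialchars($_GET['message'], ENT_QUOTES))`, have the login side pass plain text or a message key, and move the red styling into the template. Whether the template class escapes values itself is not visible here, so confirm that before relying on it.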


@ -10,6 +10,7 @@
<b>this will create 1 admin account and 3 demo accounts</b><br />the username/passwords are: demo/guest, demo2/guest and demo3/guest. setup de <b>Dies wird 1 Admin- und 3 Demo-Benutzerkonten anlegen.</b><br />Die Benutzernamen/Passwörter sind: demo/guest, demo2/guest und demo3/guest.
accounts existing setup de Benutzerkonten existieren
actions setup de Aktionen
activate save password check setup de Aktiviere die "sichere Passwort" Überprüfung
add auto-created users to this group ('default' will be attempted if this is empty.) setup de Automatisch erzeugte Benutzer zu dieser Grupper hinzufügen ("Default" wird versucht wenn nichts angegeben.)
add new database instance (egw domain) setup de Neue Datenbankinstanz (eGW Domain) hinzufügen
additional settings setup de Zusätzliche Einstellungen
@ -174,7 +175,9 @@ enable mcrypt setup de MCrypt einschalten
enter some random text for app session encryption setup de Zufallstext zur Verschlüsselung der Anwendungssitzung
enter some random text for app_session <br />encryption (requires mcrypt) setup de Zufallstext zur Verschlüsselung der Anwendungssitzung<br />(benötigt mcrypt)
enter the full path for temporary files.<br />examples: /tmp, c:\temp setup de Vollständiger Pfad für temporäre Dateien.<br />Beispiel: /tmp, C:\TEMP
enter the full path for temporary files.<br />examples: /tmp, c:temp setup de Vollständiger Pfad für temporäre Dateien.<br />Beispiel: /tmp, C:\TEMP
enter the full path for users and group files.<br />examples: /files, e:\files setup de Vollständiger Pfad für Benutzer- und Gruppendateien.<br />Beispiel: /files, E:\Files
enter the full path for users and group files.<br />examples: /files, e:files setup de Vollständiger Pfad für Benutzer- und Gruppendateien.<br />Beispiel: /files, E:\Files
enter the full path to the backup directory.<br />if empty: files directory setup de Vollständiger Pfad für das Datensicherungsverzeichnis.<br />Wenn leer: Dateiverzeichnis
enter the hostname of the machine on which this server is running setup de Hostname des Computers auf dem der Server läuft
enter the location of egroupware's url.<br />example: http://www.domain.com/egroupware &nbsp; or &nbsp; /egroupware<br /><b>no trailing slash</b> setup de URL zur eGroupWare Installation.<br />Beispiel: http://www.domain.com/egroupware or /egroupware<br /><b>keinen nachfolgenden Slash /</b>


@ -10,6 +10,7 @@
<b>this will create 1 admin account and 3 demo accounts</b><br />the username/passwords are: demo/guest, demo2/guest and demo3/guest. setup en <b>This will create 1 admin account and 3 demo accounts</b><br />The username/passwords are: demo/guest, demo2/guest and demo3/guest.
accounts existing setup en Accounts existing
actions setup en Actions
activate save password check setup en Activate save password check
add auto-created users to this group ('default' will be attempted if this is empty.) setup en Add auto-created users to this group ('Default' will be attempted if this is empty.)
add new database instance (egw domain) setup en Add new database instance (eGW domain)
additional settings setup en Additional settings


@ -208,28 +208,36 @@
<tr class="row_on">
<td>{lang_sql_encryption_type}:</td>
<td>
<select name="newsettings[sql_encryption_type]">
{hook_sql_passwdhashes}
</select>
<select name="newsettings[sql_encryption_type]">{hook_sql_passwdhashes}</select>
</td>
</tr>
<tr class="row_off">
<td>{lang_Activate_save_password_check}:</td>
<td>
<select name="newsettings[check_save_passwd]">
<option value="">{lang_No}</option>
<option value="True" {selected_check_save_passwd_True}>{lang_Yes}</option>
</select>
</td>
</tr>
<tr class="row_off">
<td>{lang_Allow_authentication_via_cookie}:</td>
<td>
<select name="newsettings[allow_cookie_auth]">
<option value="">{lang_No}</option>
<option value="True"{selected_allow_cookie_auth_True}>{lang_Yes}</option>
<option value="True" {selected_allow_cookie_auth_True}>{lang_Yes}</option>
</select>
</td>
</tr>
<tr class="row_on">
<td>{lang_Allow_password_migration}:</td>
<td>
<select name="newsettings[pwd_migration_allowed]">
<option value="">{lang_No}</option>
<option value="True"{selected_pwd_migration_allowed_True}>{lang_Yes}</option>
<option value="True" {selected_pwd_migration_allowed_True}>{lang_Yes}</option>
</select>
</td>
</tr>