added password validation routines, as well as general improvements on sanitize function

phpgwapi/inc/common_functions.inc.php

@@ -176,20 +176,40 @@
 					return True;
 				}
 				break;
+			case "isprint":
+				$length = strlen($string);
+				$position = 0;
+				while ($length > $position)
+				{
+					$char = substr($string, $position, 1);
+			 		if ($char < ' ' || $char > '~')
+					{
+						return False;
+					}
+					$position = $position + 1;
+				}
+				return True;
+	     	break;
+			case 'alpha':
+				if (preg_match("/^[a-z]+$/i", $string))
+				{
+					return True;
+				}
+				break;
 			case 'number':
 				if (preg_match("/^[0-9]+$/i", $string))
 				{
 					return True;
 				}
 				break;
-			case 'string':
-				if (preg_match("/^[a-z]+$/i", $string))
+			case 'alphanumeric':
+				if (preg_match("/^[a-z0-9 -._]+$/i", $string))
 				{
 					return True;
 				}
 				break;
-			case 'alpha':
-				if (preg_match("/^[a-z0-9 -._]+$/i", $string))
+			case 'string':
+				if (preg_match("/^[a-z]+$/i", $string))
 				{
 					return True;
 				}
@@ -221,6 +241,72 @@
 					return True;
 				}
 				break;
+			case "password":
+				$password_length = strlen($string);
+				$password_numbers = Array('0','1','2','3','4','5','6','7','8','9');
+				$password_special_chars = Array(' ','~','`','!','@','#','$','%','^','&','*','(',')','_','+','-','=','{','}','|','[',']',"\\",':','"',';',"'",'<','>','?',',','.','/');
+
+				if(@isset($GLOBALS['phpgw_info']['server']['passwd_rules']['min_length']))
+				{
+					$min_length = $GLOBALS['phpgw_info']['server']['passwd_rules']['min_length'];
+				}
+				else
+				{
+					$min_length = 1;
+				}
+				
+				if(@isset($GLOBALS['phpgw_info']['server']['passwd_rules']['require_numbers']) && $GLOBALS['phpgw_info']['server']['passwd_rules']['require_numbers'] == True)
+				{
+					$pass_verify_num = False;
+				}
+				else
+				{
+					$pass_verify_num = True;
+				}
+
+				if(@isset($GLOBALS['phpgw_info']['server']['passwd_rules']['require_special_char']) && $GLOBALS['phpgw_info']['server']['passwd_rules']['require_special_char'] == True)
+				{
+					$pass_verify_special_char = False;
+				}
+				else
+				{
+					$pass_verify_special_char = True;
+				}
+				
+				if ($password_length >= $min_length)
+				{
+					for ($i=0; $i != $password_length; $i++)
+					{
+						$cur_test_string = substr($string, $i, 1);
+						if (in_array($cur_test_string, $password_numbers))
+						{
+							$pass_verify_num = True;
+						}
+						elseif (in_array($cur_test_string, $password_special_chars))
+						{
+							$pass_verify_special_char = True;
+						}
+					}
+				
+					if ($pass_verify_num == False)
+					{
+						$GLOBALS['phpgw_info']['flags']['msgbox_data']['Password requires at least one numeric character']=False;
+					}
+
+					if ($pass_verify_special_char == False)
+					{
+						$GLOBALS['phpgw_info']['flags']['msgbox_data']['Password requires at least one special character (non-letter and non-number)']=False;
+					}
+					
+					if ($pass_verify_num == True && $pass_verify_special_char == True)
+					{
+						return True;
+					}
+					return False;
+				}
+				$GLOBALS['phpgw_info']['flags']['msgbox_data']['Password must be at least '.$min_length.' characters']=False;
+				return False;
+				break;
 			case 'any':
 				return True;
 				break;

preferences/changepassword.php

@@ -48,43 +48,45 @@
 	{
 		if($n_passwd != $n_passwd_2)
 		{
-			$errors[] = lang('The two passwords are not the same');
+			$GLOBALS['phpgw_info']['flags']['msgbox_data']['The two passwords are not the same']=False;
 		}
 
 		if(! $n_passwd)
 		{
-			$errors[] = lang('You must enter a password');
+			$GLOBALS['phpgw_info']['flags']['msgbox_data']['You must enter a password']=False;
 		}
-
-		if(is_array($errors))
+		sanitize($n_passwd,'password');
+		
+		if(@is_array($GLOBALS['phpgw_info']['flags']['msgbox_data']))
 		{
 			$GLOBALS['phpgw']->common->phpgw_header();
-			$GLOBALS['phpgw']->template->set_var('messages',$GLOBALS['phpgw']->common->error_list($errors));
 			$GLOBALS['phpgw']->template->pfp('out','form');
-			$GLOBALS['phpgw']->common->phpgw_exit(True);
-		}
-
-		$o_passwd = $GLOBALS['phpgw_info']['user']['passwd'];
-		$passwd_changed = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd);
-		if(!$passwd_changed)
-		{
-			// This need to be changed to show a different message based on the result
-			Header('Location: ' . $GLOBALS['phpgw']->link('/preferences/index.php','cd=38'));
+			$GLOBALS['phpgw']->common->phpgw_footer();
 		}
 		else
 		{
-			$GLOBALS['phpgw_info']['user']['passwd'] = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd);
-			$GLOBALS['hook_values']['account_id'] = $GLOBALS['phpgw_info']['user']['account_id'];
-			$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
-			$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
-			$GLOBALS['phpgw']->hooks->process('changepassword');
-			Header('Location: ' . $GLOBALS['phpgw']->link('/preferences/index.php','cd=18'));
+
+			$o_passwd = $GLOBALS['phpgw_info']['user']['passwd'];
+			$passwd_changed = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd);
+			if(!$passwd_changed)
+			{
+				// This need to be changed to show a different message based on the result
+				Header('Location: ' . $GLOBALS['phpgw']->link('/preferences/index.php','cd=38'));
+			}
+			else
+			{
+				$GLOBALS['phpgw_info']['user']['passwd'] = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd);
+				$GLOBALS['hook_values']['account_id'] = $GLOBALS['phpgw_info']['user']['account_id'];
+				$GLOBALS['hook_values']['old_passwd'] = $o_passwd;
+				$GLOBALS['hook_values']['new_passwd'] = $n_passwd;
+				$GLOBALS['phpgw']->hooks->process('changepassword');
+				Header('Location: ' . $GLOBALS['phpgw']->link('/preferences/index.php','cd=18'));
+			}
 		}
 	}
 	else
 	{
 		$GLOBALS['phpgw']->common->phpgw_header();
-
 		$GLOBALS['phpgw']->template->pfp('out','form');
 		$GLOBALS['phpgw']->common->phpgw_footer();
 	}