diff --git a/phpgwapi/inc/common_functions.inc.php b/phpgwapi/inc/common_functions.inc.php index 52c9939f60..06f489514e 100755 --- a/phpgwapi/inc/common_functions.inc.php +++ b/phpgwapi/inc/common_functions.inc.php @@ -176,20 +176,40 @@ return True; } break; + case "isprint": + $length = strlen($string); + $position = 0; + while ($length > $position) + { + $char = substr($string, $position, 1); + if ($char < ' ' || $char > '~') + { + return False; + } + $position = $position + 1; + } + return True; + break; + case 'alpha': + if (preg_match("/^[a-z]+$/i", $string)) + { + return True; + } + break; case 'number': if (preg_match("/^[0-9]+$/i", $string)) { return True; } break; - case 'string': - if (preg_match("/^[a-z]+$/i", $string)) + case 'alphanumeric': + if (preg_match("/^[a-z0-9 -._]+$/i", $string)) { return True; } break; - case 'alpha': - if (preg_match("/^[a-z0-9 -._]+$/i", $string)) + case 'string': + if (preg_match("/^[a-z]+$/i", $string)) { return True; } @@ -221,6 +241,72 @@ return True; } break; + case "password": + $password_length = strlen($string); + $password_numbers = Array('0','1','2','3','4','5','6','7','8','9'); + $password_special_chars = Array(' ','~','`','!','@','#','$','%','^','&','*','(',')','_','+','-','=','{','}','|','[',']',"\\",':','"',';',"'",'<','>','?',',','.','/'); + + if(@isset($GLOBALS['phpgw_info']['server']['passwd_rules']['min_length'])) + { + $min_length = $GLOBALS['phpgw_info']['server']['passwd_rules']['min_length']; + } + else + { + $min_length = 1; + } + + if(@isset($GLOBALS['phpgw_info']['server']['passwd_rules']['require_numbers']) && $GLOBALS['phpgw_info']['server']['passwd_rules']['require_numbers'] == True) + { + $pass_verify_num = False; + } + else + { + $pass_verify_num = True; + } + + if(@isset($GLOBALS['phpgw_info']['server']['passwd_rules']['require_special_char']) && $GLOBALS['phpgw_info']['server']['passwd_rules']['require_special_char'] == True) + { + $pass_verify_special_char = False; + } + else + { + $pass_verify_special_char = True; + } + + if ($password_length >= $min_length) + { + for ($i=0; $i != $password_length; $i++) + { + $cur_test_string = substr($string, $i, 1); + if (in_array($cur_test_string, $password_numbers)) + { + $pass_verify_num = True; + } + elseif (in_array($cur_test_string, $password_special_chars)) + { + $pass_verify_special_char = True; + } + } + + if ($pass_verify_num == False) + { + $GLOBALS['phpgw_info']['flags']['msgbox_data']['Password requires at least one numeric character']=False; + } + + if ($pass_verify_special_char == False) + { + $GLOBALS['phpgw_info']['flags']['msgbox_data']['Password requires at least one special character (non-letter and non-number)']=False; + } + + if ($pass_verify_num == True && $pass_verify_special_char == True) + { + return True; + } + return False; + } + $GLOBALS['phpgw_info']['flags']['msgbox_data']['Password must be at least '.$min_length.' characters']=False; + return False; + break; case 'any': return True; break; diff --git a/preferences/changepassword.php b/preferences/changepassword.php index 620ca393ea..cad1b9430b 100755 --- a/preferences/changepassword.php +++ b/preferences/changepassword.php @@ -48,43 +48,45 @@ { if($n_passwd != $n_passwd_2) { - $errors[] = lang('The two passwords are not the same'); + $GLOBALS['phpgw_info']['flags']['msgbox_data']['The two passwords are not the same']=False; } if(! $n_passwd) { - $errors[] = lang('You must enter a password'); + $GLOBALS['phpgw_info']['flags']['msgbox_data']['You must enter a password']=False; } - - if(is_array($errors)) + sanitize($n_passwd,'password'); + + if(@is_array($GLOBALS['phpgw_info']['flags']['msgbox_data'])) { $GLOBALS['phpgw']->common->phpgw_header(); - $GLOBALS['phpgw']->template->set_var('messages',$GLOBALS['phpgw']->common->error_list($errors)); $GLOBALS['phpgw']->template->pfp('out','form'); - $GLOBALS['phpgw']->common->phpgw_exit(True); - } - - $o_passwd = $GLOBALS['phpgw_info']['user']['passwd']; - $passwd_changed = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd); - if(!$passwd_changed) - { - // This need to be changed to show a different message based on the result - Header('Location: ' . $GLOBALS['phpgw']->link('/preferences/index.php','cd=38')); + $GLOBALS['phpgw']->common->phpgw_footer(); } else { - $GLOBALS['phpgw_info']['user']['passwd'] = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd); - $GLOBALS['hook_values']['account_id'] = $GLOBALS['phpgw_info']['user']['account_id']; - $GLOBALS['hook_values']['old_passwd'] = $o_passwd; - $GLOBALS['hook_values']['new_passwd'] = $n_passwd; - $GLOBALS['phpgw']->hooks->process('changepassword'); - Header('Location: ' . $GLOBALS['phpgw']->link('/preferences/index.php','cd=18')); + + $o_passwd = $GLOBALS['phpgw_info']['user']['passwd']; + $passwd_changed = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd); + if(!$passwd_changed) + { + // This need to be changed to show a different message based on the result + Header('Location: ' . $GLOBALS['phpgw']->link('/preferences/index.php','cd=38')); + } + else + { + $GLOBALS['phpgw_info']['user']['passwd'] = $GLOBALS['phpgw']->auth->change_password($o_passwd, $n_passwd); + $GLOBALS['hook_values']['account_id'] = $GLOBALS['phpgw_info']['user']['account_id']; + $GLOBALS['hook_values']['old_passwd'] = $o_passwd; + $GLOBALS['hook_values']['new_passwd'] = $n_passwd; + $GLOBALS['phpgw']->hooks->process('changepassword'); + Header('Location: ' . $GLOBALS['phpgw']->link('/preferences/index.php','cd=18')); + } } } else { $GLOBALS['phpgw']->common->phpgw_header(); - $GLOBALS['phpgw']->template->pfp('out','form'); $GLOBALS['phpgw']->common->phpgw_footer(); }