- display search type as page title for premade searches [Bug #6508]

- flash enabled on user side by default, so that admins can actually change anything by activating it (still disabled by default)
- properly implemented password complexity check [Bug #6584]
- do not ldap_escape paramaters for the bind function [Bug #6208]
- deleted words in edited post subjects weren't getting there search cache refreshed [Bug #6288]
- made common word threshold configurable [Bug #6168]
- recreated word match table entries after installation, side effect of bug #6060
- option to only allow ASCII usernames
- adjusted search page pagination [Bug #6424]
- correctly calculate unformatted search result extract length


git-svn-id: file:///svn/phpbb/trunk@6814 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/functions_user.php

@@ -1219,10 +1219,51 @@ function validate_password($password)
 		return false;
 	}
 
-	// We only check for existance of characters
-	if (!preg_match('#' . str_replace('\\\\', '\\', $config['pass_complex']) . '#i', $password))
+	// generic UTF-8 character types supported?
+	if (version_compare(PHP_VERSION, '5.1.0', '>=') || (version_compare(PHP_VERSION, '5.0.0-dev', '<=') && version_compare(PHP_VERSION, '4.4.0', '>=')))
 	{
-		return 'INVALID_CHARS';
+		$upp = '\p{Lu}';
+		$low = '\p{Ll}';
+		$num = '\p{N}';
+		$sym = '[^\p{Lu}\p{Ll}\p{N}]';
+	}
+	else
+	{
+		$upp = '[A-Z]';
+		$low = '[a-z]';
+		$num = '[0-9]';
+		$sym = '[^A-Za-z0-9]';
+	}
+
+	$chars = array();
+
+	switch ($config['pass_complex'])
+	{
+		case 'PASS_TYPE_CASE':
+			$chars[] = $low;
+			$chars[] = $upp;
+		break;
+
+		case 'PASS_TYPE_ALPHA':
+			$chars[] = $low;
+			$chars[] = $upp;
+			$chars[] = $num;
+		break;
+
+		case 'PASS_TYPE_SYMBOL':
+			$chars[] = $low;
+			$chars[] = $upp;
+			$chars[] = $num;
+			$chars[] = $sym;
+		break;
+	}
+
+	foreach ($chars as $char)
+	{
+		if (!preg_match('#' . $char . '#u', $password))
+		{
+			return 'INVALID_CHARS';
+		}
 	}
 
 	return false;