1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 14:00:31 +02:00

some fixes.

David, could you check the pass_complex expressions? They are:
.* PASS_TYPE_ANY (any characters are allowed, no check)
[a-zA-Z] PASS_TYPE_CASE (password must contain alphanumerics)
[a-zA-Z0-9] PASS_TYPE_ALPHA (password must contain alphanumerics and numbers)
[a-zA-Z\W] PASS_TYPE_SYMBOL (password must contain alphanumers, numbers and symbols)

At the moment the pass complexity check is done within validate_password(), but the expressions are wrong. :)


git-svn-id: file:///svn/phpbb/trunk@6317 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
2006-08-25 15:15:53 +00:00
parent d1ae8c52a4
commit e7cbcfe874
13 changed files with 74 additions and 27 deletions

View File

@@ -1034,6 +1034,7 @@ function validate_match($string, $optional = false, $match)
* Also checks if it includes the " character, which we don't allow in usernames.
* Used for registering, changing names, and posting anonymously with a username
*
* @todo do we really check and disallow the " character in usernames as written above. Has it only be forgotten to include the check?
* @return boolean|string Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/
function validate_username($username)
@@ -1105,6 +1106,29 @@ function validate_username($username)
return false;
}
/**
* Check to see if the password meets the complexity settings
*
* @return boolean|string Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
*/
function validate_password($password)
{
global $config, $db, $user;
if (!$password)
{
return false;
}
// We only check for existance of characters
if (!preg_match('#' . str_replace('\\\\', '\\', $config['pass_complex']) . '#i', $password))
{
return 'INVALID_CHARS';
}
return false;
}
/**
* Check to see if email address is banned or already present in the DB
*