mirror of
https://github.com/phpbb/phpbb.git
synced 2025-07-31 14:00:31 +02:00
some fixes.
David, could you check the pass_complex expressions? They are: .* PASS_TYPE_ANY (any characters are allowed, no check) [a-zA-Z] PASS_TYPE_CASE (password must contain alphanumerics) [a-zA-Z0-9] PASS_TYPE_ALPHA (password must contain alphanumerics and numbers) [a-zA-Z\W] PASS_TYPE_SYMBOL (password must contain alphanumers, numbers and symbols) At the moment the pass complexity check is done within validate_password(), but the expressions are wrong. :) git-svn-id: file:///svn/phpbb/trunk@6317 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
@@ -1034,6 +1034,7 @@ function validate_match($string, $optional = false, $match)
|
||||
* Also checks if it includes the " character, which we don't allow in usernames.
|
||||
* Used for registering, changing names, and posting anonymously with a username
|
||||
*
|
||||
* @todo do we really check and disallow the " character in usernames as written above. Has it only be forgotten to include the check?
|
||||
* @return boolean|string Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
|
||||
*/
|
||||
function validate_username($username)
|
||||
@@ -1105,6 +1106,29 @@ function validate_username($username)
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check to see if the password meets the complexity settings
|
||||
*
|
||||
* @return boolean|string Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
|
||||
*/
|
||||
function validate_password($password)
|
||||
{
|
||||
global $config, $db, $user;
|
||||
|
||||
if (!$password)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
// We only check for existance of characters
|
||||
if (!preg_match('#' . str_replace('\\\\', '\\', $config['pass_complex']) . '#i', $password))
|
||||
{
|
||||
return 'INVALID_CHARS';
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check to see if email address is banned or already present in the DB
|
||||
*
|
||||
|
Reference in New Issue
Block a user