Project

General

Profile

« Previous | Next » 

Revision 1906

Added by darkviper over 11 years ago

added new static Method Password::isValid() It checks a new password for invalid characters

View differences:

branches/2.8.x/CHANGELOG
11 11 
! = Update/Change
12 12 
===============================================================================
13 13 

  		




  
  14
  
    
06 Jun-2013 Build 1906 Werner v.d.Decken(DarkViper)


  		




  
  15
  
    
+ new Method Password::isValid() checks a new password for invalid characters


  		




  14
  16
  
    
01 Jun-2013 Build 1905 Werner v.d.Decken(DarkViper)


  		




  15
  17
  
    
+ new OutputFilter plugin 'FilterMediaRel'


  		




  16
  18
  
    
01 Jun-2013 Build 1904 Werner v.d.Decken(DarkViper)


  		












  

    
      branches/2.8.x/wb/admin/interface/version.php
    
  





  51
  51
  
    

  		




  52
  52
  
    
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)


  		




  53
  53
  
    
if(!defined('VERSION')) define('VERSION', '2.8.3');


  		




  54
  
  
    
if(!defined('REVISION')) define('REVISION', '1905');


  		




  
  54
  
    
if(!defined('REVISION')) define('REVISION', '1906');


  		




  55
  55
  
    
if(!defined('SP')) define('SP', '');


  		












  

    
      branches/2.8.x/wb/framework/Password.php
    
  





  68
  68
  
    
		parent::__construct($iIterationCountLog2, $bPortableHashes);


  		




  69
  69
  
    
	}


  		




  70
  70
  
    
/**


  		




  
  71
  
    
 * make hash from password


  		




  71
  72
  
    
 * @param string password to hash


  		




  72
  73
  
    
 * @return string generated hash. Null if failed.


  		




  73
  74
  
    
 */


  		




  74
  
  
    
	public function hashPassword($sPassword)


  		




  
  75
  
    
	public function makeHash($sPassword)


  		




  75
  76
  
    
	{


  		




  76
  77
  
    
		$sNewHash = parent::HashPassword($sPassword);


  		




  77
  78
  
    
		return ($sNewHash == '*') ? null : $sNewHash;


  		




  ......




  81
  82
  
    
 * @param string existing stored hash


  		




  82
  83
  
    
 * @return bool true if PW matches the stored hash


  		




  83
  84
  
    
 */


  		




  84
  
  
    
	public function checkPassword($sPassword, $sStoredHash)


  		




  
  85
  
    
	public function checkIt($sPassword, $sStoredHash)


  		




  85
  86
  
    
	{


  		




  86
  87
  
    
		// compatibility layer for deprecated, simple and old MD5 hashes


  		




  87
  88
  
    
		if(preg_match('/^[0-9a-f]{32}$/si', $sStoredHash)) {


  		




  ......




  90
  91
  
    
		return parent::CheckPassword($sPassword, $sStoredHash);


  		




  91
  92
  
    
	}


  		




  92
  93
  
    
/**


  		




  
  94
  
    
 * Check password for forbidden characters


  		




  
  95
  
    
 * @param string password to test


  		




  
  96
  
    
 * @return bool


  		




  
  97
  
    
 */


  		




  
  98
  
    
	public static function isValid($sPassword)


  		




  
  99
  
    
	{


  		




  
  100
  
    
		$sBlackList = '\"\'\,\;\<\>\?\\\{\|\}\~ '


  		




  
  101
  
    
		            . '\x00-\x20\x22\x27\x2c\x3b\x3c\x3e\x3f\x5c\x7b-\x7f\xff';


  		




  
  102
  
    
		$bRetval = !preg_match('/['.$sBlackList.']/si', $sPassword);


  		




  
  103
  
    
		return $bRetval;


  		




  
  104
  
    
	}


  		




  
  105
  
    
/**


  		




  93
  106
  
    
 * generate a case sensitive mnemonic password including numbers and special chars


  		




  94
  107
  
    
 * makes no use of confusing characters like 'O' and '0' and so on.


  		




  95
  108
  
    
 * @param int length of the generated password. default = PW_LENGTH_DEFAULT


  		




  ......




  103
  116
  
    
			array('B','C','D','F','G','H','J','K','M','N','P','Q','R','S','T','V','W','X','Y','Z'),


  		




  104
  117
  
    
			array('a','e','i','o','u'),


  		




  105
  118
  
    
			array('A','E','U'),


  		




  106
  
  
    
			array('!','-','@','_',':','.','+','%','/','*')


  		




  
  119
  
    
			array('!','-','@','_',':','.','+','%','/','*','=')


  		




  107
  120
  
    
		);


  		




  108
  121
  
    
		$iElements = ($iElements & self::PW_USE_ALL) == 0 ? self::PW_USE_ALL : $iElements;


  		




  109
  122
  
    
		if(($iLength < self::PW_LENGTH_MIN) || ($iLength > self::PW_LENGTH_MAX)) {


  		












Also available in:  Unified diff