summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2011-06-22 00:21:45 +0200
committerMichael Tänzer <neo@nhng.de>2011-06-22 00:21:45 +0200
commite7368868ba88433956ad034fb7883d2dcd9566be (patch)
tree2718e822d17fe30cec13764ae61529c8901734d2 /includes
parent62f99b561a13e51e8f4d55a36092de536c531d99 (diff)
downloadcacert-devel-e7368868ba88433956ad034fb7883d2dcd9566be.tar.gz
cacert-devel-e7368868ba88433956ad034fb7883d2dcd9566be.tar.xz
cacert-devel-e7368868ba88433956ad034fb7883d2dcd9566be.zip
#637: Move a subset of password checks to a separate function and check itbug-637
on every login The subset are some very lightweight checks that contains the check for the old password suggestion Signed-off-by: Michael Tänzer <neo@nhng.de>
Diffstat (limited to 'includes')
-rw-r--r--includes/general.php15
1 files changed, 13 insertions, 2 deletions
diff --git a/includes/general.php b/includes/general.php
index 5789875..aa74e9b 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -248,8 +248,7 @@
}
}
- function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
- {
+ function checkpwlight($pwd) {
$points = 0;
if(strlen($pwd) > 15)
@@ -279,7 +278,19 @@
$points++;
//echo "Points due to length and charset: $points<br/>";
+
+ // check for historical password proposal
+ if ($pwd === "Fr3d Sm|7h") {
+ return 0;
+ }
+
+ return $points;
+ }
+ function checkpw($pwd, $email, $fname, $mname, $lname, $suffix)
+ {
+ $points = checkpwlight($pwd);
+
if(@strstr(strtolower($pwd), strtolower($email)))
$points--;