8eefa44ab91cd30e682f95d5e7c181b44c831b79
[cacert.git] / pages / index / 6.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */ ?>
18 <p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
19 <b><?=_("In light of the number of people having issues with making up a password we have the following suggestions:")?></b><br><br>
20 <?=_("To get a password that will work, we suggest the following example")?>: Fr3d Sm|7h<br><br>
21 <?=_("This wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?>
22 </p>
23
24 <form method="post" action="index.php" autocomplete="off">
25 <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="350">
26 <tr>
27 <td colspan="2" class="title"><?=_("Lost Pass Phrase - Step 2")?></td>
28 </tr>
29 <?
30 srand ((double) microtime() * 1000000);
31 $num2 = $nums = array();
32 for($i = 1; $i <= 5; $i++)
33 {
34 if($_SESSION['lostpw']['user']["Q$i"] == "")
35 continue;
36 $nums[] = $i;
37 }
38
39 for($i = 0; $i < count($nums); $i++)
40 {
41 if(count($num2) == count($nums))
42 break;
43
44 $val = rand(1, 5);
45 if($_SESSION['lostpw']['user']["Q$val"] == "")
46 {
47 $i--;
48 continue;
49 }
50
51 if($val < 1 || $val > 5)
52 {
53 $i--;
54 continue;
55 }
56
57 if(!in_array($val, $num2))
58 $num2[] = $val;
59 else
60 $i--;
61
62 if(count($num2) >= 3)
63 break;
64 }
65
66 if($i > 1)
67 {
68
69 $_SESSION['lostpw']['total'] = count($num2);
70
71 foreach($num2 as $num)
72 {
73 $q = "Q$num"; $a = "A$num";
74 if($_SESSION['lostpw']['user'][$q] == "")
75 continue;
76 ?>
77 <tr>
78 <td class="DataTD"><?=$_SESSION['lostpw']['user'][$q]?></td>
79 <td class="DataTD"><input type="text" name="<?=$a?>" autocomplete="off">
80 <input type="hidden" name="<?=$q?>" value="<?=sanitizeHTML($_SESSION['lostpw']['user'][$q])?>"></td>
81 </tr>
82 <? } ?>
83 <tr>
84 <td class="DataTD"><?=_("New Pass Phrase")?><font color="red">*</font>: </td>
85 <td class="DataTD"><input type="password" name="newpass1" autocomplete="off"></td>
86 </tr>
87 <tr>
88 <td class="DataTD"><?=_("Repeat")?><font color="red">*</font>: </td>
89 <td class="DataTD"><input type="password" name="newpass2" autocomplete="off"></td>
90 </tr>
91 <tr>
92 <td class="DataTD" colspan="2"><font color="red">*</font><?=_("Please note, in the interests of good security, the pass phrase must be made up of an upper case letter, lower case letter, number and symbol.")?></td>
93 </tr>
94 <tr>
95 <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
96 </tr>
97 </table>
98 <input type="hidden" name="oldid" value="<?=$id?>">
99 </form>
100 <? } else { ?>
101 <p><?=_("You do not have enough/any lost password questions set. You will not be able to continue to reset your password via this method.")?></p>
102 <? } ?>