Commit 2bd02447 authored by Donal McMullan's avatar Donal McMullan

Move function: password_validate to auth/lib.php

parent 8eeae62f
......@@ -1007,6 +1007,68 @@ function auth_generate_login_form() {
return $loginform;
}
/**
* Given a form, an array of values with 'password1' and 'password2'
* indices and a user, validate that the user can change their password to
* the one in $values.
*
* This provides one place where validation of passwords can be done. This is
* used by:
* - registration
* - user forgot password
* - user changing password on their account page
* - user forced to change their password by the <kbd>passwordchange</kbd>
* flag on the <kbd>usr</kbd> table.
*
* The password is checked for:
* - Being in valid form according to the rules of the authentication method
* for the user
* - Not being an easy password (a blacklist of strings, NOT a length check or
* similar), including being the user's username
* - Both values being equal
*
* @param Pieform $form The form to validate
* @param array $values The values passed through
* @param string $authplugin The authentication plugin that the user uses
*/
function password_validate(Pieform $form, $values, $username, $institution) {
$authinstances = auth_get_auth_instances_for_institution($institution);
// If there's only one auth instance, and it's 'internal' then we use it to
// validate the password. This was a requirement of the original spec, so
// even though this code is... strange... it's still here.
if (1 == count($authinstances) && $authinstances[0]->authname == 'internal') {
$authobj = AuthFactory::create($authinstances[0]->id);
safe_require('auth', 'internal');
$authobj = new AuthInternal($authinstances[0]->id);
if (!$form->get_error('password1') && !$authobj->is_password_valid($values['password1'])) {
$form->set_error('password1', get_string('passwordinvalidform', "auth.$authtype"));
}
}
$suckypasswords = array(
'mahara', 'password', $username
);
if (!$form->get_error('password1') && in_array($values['password1'], $suckypasswords)) {
$form->set_error('password1', get_string('passwordtooeasy'));
}
if (!$form->get_error('password1') && $values['password1'] != $values['password2']) {
$form->set_error('password2', get_string('passwordsdonotmatch'));
}
// No Mike, that's a _BAD_ Mike! :)
if ($values['password1'] == 'mike01' || $values['password1'] == 'mike012') {
if (!$form->get_property('jsform')) {
die_info('<img src="'
. theme_get_url('images/sidebox1_corner_botright.gif')
. '" alt="(C) 2007 MSS Enterprises"></p>');
}
}
}
class PluginAuth extends Plugin {
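Review bot: `$authtype` is never assigned in the moved `password_validate`, yet the `set_error` call inside the internal-auth branch still interpolates it in `"auth.$authtype"`; the removed version set it from `auth_get_authtype_for_institution()`. The string lookup will therefore use the section `auth.` and trigger an undefined-variable notice, so a password rejected by `is_password_valid` may be reported without a usable message. Since that branch only runs when `authname == 'internal'`, the line can read `$form->set_error('password1', get_string('passwordinvalidform', 'auth.internal'));`. The `AuthFactory::create(...)` result is overwritten by `new AuthInternal(...)` two lines later and can be dropped. Institutions with several auth instances, or a single non-internal one, now skip the format check entirely and are only tested against the three-entry easy-password list, which deserves a comment or a fallback check.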
......
......@@ -903,59 +903,6 @@ function get_random_key($length=16) {
return $result;
}
/**
* Given a form, an array of values with 'password1' and 'password2'
* indices and a user, validate that the user can change their password to
* the one in $values.
*
* This provides one place where validation of passwords can be done. This is
* used by:
* - registration
* - user forgot password
* - user changing password on their account page
* - user forced to change their password by the <kbd>passwordchange</kbd>
* flag on the <kbd>usr</kbd> table.
*
* The password is checked for:
* - Being in valid form according to the rules of the authentication method
* for the user
* - Not being an easy password (a blacklist of strings, NOT a length check or
* similar), including being the user's username
* - Both values being equal
*
* @param Pieform $form The form to validate
* @param array $values The values passed through
* @param string $authplugin The authentication plugin that the user uses
*/
function password_validate(Pieform $form, $values, $username, $institution) {
$authtype = auth_get_authtype_for_institution($institution);
$authclass = 'Auth' . ucfirst($authtype);
safe_require('auth', $authtype);
if (!$form->get_error('password1') && !call_static_method($authclass, 'is_password_valid', ($values['password1']))) {
$form->set_error('password1', get_string('passwordinvalidform', "auth.$authtype"));
}
$suckypasswords = array(
'mahara', 'password', $username
);
if (!$form->get_error('password1') && in_array($values['password1'], $suckypasswords)) {
$form->set_error('password1', get_string('passwordtooeasy'));
}
if (!$form->get_error('password1') && $values['password1'] != $values['password2']) {
$form->set_error('password2', get_string('passwordsdonotmatch'));
}
// No Mike, that's a _BAD_ Mike! :)
if ($values['password1'] == 'mike01' || $values['password1'] == 'mike012') {
if (!$form->get_property('jsform')) {
die_info('<img src="'
. theme_get_url('images/sidebox1_corner_botright.gif')
. '" alt="(C) 2007 MSS Enterprises"></p>');
}
}
}
//
// Pieform related functions
......