From 4baa73230fd89061a8e53904cf633e10c42d8603 Mon Sep 17 00:00:00 2001 From: =?utf8?q?St=C3=A9phane=20Jacob?= Date: Thu, 5 Aug 2010 14:11:56 +0200 Subject: [PATCH] Forbids passwords having only one type of characters, renames password related files. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Stéphane Jacob --- htdocs/javascript/{motdepasse.js => password.js} | 5 +++ htdocs/javascript/xorg.js | 41 +++++++++++++++++----- modules/googleapps.php | 2 +- modules/platal.php | 10 +++--- modules/register.php | 2 +- ...motdepasse.success.tpl => password.success.tpl} | 0 templates/platal/{motdepasse.tpl => password.tpl} | 0 7 files changed, 44 insertions(+), 16 deletions(-) rename htdocs/javascript/{motdepasse.js => password.js} (90%) rename templates/platal/{motdepasse.success.tpl => password.success.tpl} (100%) rename templates/platal/{motdepasse.tpl => password.tpl} (100%) diff --git a/htdocs/javascript/motdepasse.js b/htdocs/javascript/password.js similarity index 90% rename from htdocs/javascript/motdepasse.js rename to htdocs/javascript/password.js index 17864f2..929bd94 100644 --- a/htdocs/javascript/motdepasse.js +++ b/htdocs/javascript/password.js @@ -31,6 +31,11 @@ function EnCryptedResponse() { return false; exit; } + if (differentTypes(pw1)) { + alert ("\nErreur : le nouveau mot de passe doit comporter au moins deux types de caractères parmi les suivants : lettres minuscules, lettres majuscules, chiffres, caractères spéciaux.") + return false; + exit; + } str = hash_encrypt(document.forms.changepass.nouveau.value); document.forms.changepass2.response2.value = str; diff --git a/htdocs/javascript/xorg.js b/htdocs/javascript/xorg.js index eb8996a..ccc9c0b 100644 --- a/htdocs/javascript/xorg.js +++ b/htdocs/javascript/xorg.js @@ -271,27 +271,42 @@ function getType(c) { } } -function checkPassword(box, okLabel) { +function differentTypes(password) { var prev = 0; + + for (i = 0 ; i < password.length ; ++i) { + var type = getType(password.charAt(i)); + if (prev != 0 && prev != type) { + return true; + } + prev = type; + } + return false; +} + +function passwordStrength(password) { var prop = 0; - var pass = box.value; - var types = Array(0, 0, 0, 0, 0); + var prev = 0; var firstType = true; - for (i = 0 ; i < pass.length ; ++i) { - type = getType(pass.charAt(i)); + var types = Array(0, 0, 0, 0, 0); + + for (i = 0 ; i < password.length ; ++i) { + var type = getType(password.charAt(i)); if (prev != 0 && prev != type) { prop += 5; + firstType = false; } prop += i; if (types[type] == 0 && !firstType) { prop += 15; - } else { - firstType = false; } types[type]++; prev = type; } - if (pass.length < 6) { + if (password.length < 6) { + prop *= 0.75; + } + if (firstType) { prop *= 0.75; } if (prop > 100) { @@ -299,6 +314,14 @@ function checkPassword(box, okLabel) { } else if (prop < 0) { prop = 0; } + + return prop; +} + +function checkPassword(box, okLabel) { + var password = box.value; + var prop = passwordStrength(password); + if (prop >= 60) { color = "#4f4"; bgcolor = "#050"; @@ -320,7 +343,7 @@ function checkPassword(box, okLabel) { .parent().stop() .animate({ backgroundColor: bgcolor }, 750); var submitButton = $(":submit[name='" + passwordprompt_submit + "']"); - if (ok && pass.length >= 6) { + if (ok && password.length >= 6 && differentTypes(password)) { submitButton.attr("value", okLabel); submitButton.removeAttr("disabled"); } else { diff --git a/modules/googleapps.php b/modules/googleapps.php index 446d949..d359446 100644 --- a/modules/googleapps.php +++ b/modules/googleapps.php @@ -41,7 +41,7 @@ class GoogleAppsModule extends PLModule require_once("emails.inc.php"); require_once("googleapps.inc.php"); $page->changeTpl('googleapps/index.tpl'); - $page->addJsLink('motdepasse.js'); + $page->addJsLink('password.js'); $page->setTitle('Compte Google Apps'); $user = S::user(); diff --git a/modules/platal.php b/modules/platal.php index e24ce58..e4d07f5 100644 --- a/modules/platal.php +++ b/modules/platal.php @@ -224,12 +224,12 @@ class PlatalModule extends PLModule S::logger()->log('passwd'); Platal::session()->setAccessCookie(true); - $page->changeTpl('platal/motdepasse.success.tpl'); + $page->changeTpl('platal/password.success.tpl'); $page->run(); } - $page->changeTpl('platal/motdepasse.tpl'); - $page->addJsLink('motdepasse.js'); + $page->changeTpl('platal/password.tpl'); + $page->addJsLink('password.js'); $page->setTitle('Mon mot de passe'); } @@ -387,8 +387,8 @@ Adresse de secours : " . Post::v('email') : "")); S::logger($uid)->log("passwd", ""); $page->changeTpl('platal/tmpPWD.success.tpl'); } else { - $page->changeTpl('platal/motdepasse.tpl'); - $page->addJsLink('motdepasse.js'); + $page->changeTpl('platal/password.tpl'); + $page->addJsLink('password.js'); } } diff --git a/modules/register.php b/modules/register.php index 826e5c4..34c3ed1 100644 --- a/modules/register.php +++ b/modules/register.php @@ -248,7 +248,7 @@ class RegisterModule extends PLModule } $page->changeTpl('register/step' . $subState->i('step') . '.tpl'); - $page->addJsLink('motdepasse.js'); + $page->addJsLink('password.js'); if (isset($error)) { $page->trigError($error); } diff --git a/templates/platal/motdepasse.success.tpl b/templates/platal/password.success.tpl similarity index 100% rename from templates/platal/motdepasse.success.tpl rename to templates/platal/password.success.tpl diff --git a/templates/platal/motdepasse.tpl b/templates/platal/password.tpl similarity index 100% rename from templates/platal/motdepasse.tpl rename to templates/platal/password.tpl -- 2.1.4