/**
* checks password with cracklib and outputs warning message if insecure.
*
* @param string username
* @param string password
*/
function liveuser_admin_users_cracklib_check($username, $password)
{
if (extension_loaded('crack') && function_exists('crack_check') && function_exists('crack_getlastmessage')) {
crack_check($value);
if (crack_getlastmessage() != "strong password") {
echo '<p>Password for user ' . $username . ' is not secure, cracklib reports: ' . crack_getlastmessage() . '.</p>';
}
}
//Jeff's password checker, copied from auth_liveuser.php
$password_status = ewiki_check_passwd($password, $username);
//$end=getmicrotime();
//echo($end-$time);
if ($password_status != 'good passwd') {
if ($password_status == 'read error') {
echo ewiki_t('PASS_DICTIONARY_READ_ERROR');
} else {
echo ewiki_t($password_status);
}
}
}
function liveuser_generate_password()
{
$pwd = '';
// to store generated password
$len = rand(LW_PASSWORD_LEN_MIN, LW_PASSWORD_LEN_MAX);
// password length
do {
// generate random number sequence of ascii characters
for ($i = 0; $i < $len; $i++) {
$num = rand(48, 122);
if ($num >= ord('a') && $num <= ord('z')) {
$pwd .= chr($num);
} else {
if ($num >= ord('A') && $num <= ord('Z')) {
$pwd .= chr($num);
} else {
if ($num >= ord('0') && $num <= ord('9')) {
$pwd .= chr($num);
} else {
if ($num >= ord('#') && $num <= ord('&')) {
$pwd .= chr($num);
} else {
if ($num >= ord('?') && $num <= ord('@')) {
$pwd .= chr($num);
} else {
$i--;
}
}
}
}
}
}
} while (ewiki_check_passwd($pwd) != "good passwd");
return $pwd;
}
/**
* changes current user's password based on form input
*
* @param mixed id
* @param mixed data
* @return mixed
*/
function ewiki_page_liveuser_chpw($id, $data)
{
global $liveuser, $liveuserAuthAdmin;
// if form was not submitted, return page output for form
if (!isset($_REQUEST['oldpassword'])) {
return ewiki_make_title($id, $id, 2) . ewiki_t('CHPW_FORM');
}
// ensure that original password is valid, and that new passwords match
if ($liveuser->getProperty('passwd') != $liveuserAuthAdmin->encryptPW($_REQUEST['oldpassword'])) {
return ewiki_make_title($id, $id, 2) . ewiki_t('CHPW_BADOLD') . ewiki_t('CHPW_FORM');
} else {
if ($_REQUEST['newpassword1'] != $_REQUEST['newpassword2']) {
return ewiki_make_title($id, $id, 2) . ewiki_t('CHPW_NOMATCH') . ewiki_t('CHPW_FORM');
} else {
if ($_REQUEST['newpassword1'] == $_REQUEST['oldpassword']) {
return ewiki_make_title($id, $id, 2) . ewiki_t('CHPW_SAMEOLD') . ewiki_t('CHPW_FORM');
}
}
}
//$time=getmicrotime();
$password_status = ewiki_check_passwd($_REQUEST['newpassword1'], $liveuser->getHandle());
//$end=getmicrotime();
//echo($end-$time);
if ($password_status != 'good passwd') {
if ($password_status == 'read error') {
return ewiki_make_title($id, $id, 2) . ewiki_t('PASS_DICTIONARY_READ_ERROR');
} else {
return ewiki_make_title($id, $id, 2) . ewiki_t($password_status) . '<!--' . $password_status . '-->' . ewiki_t('CHPW_FORM');
}
}
// return success
if ($liveuserAuthAdmin->updateUser($liveuser->getProperty('authUserId'), $liveuser->getHandle(), $_REQUEST['newpassword2']) === true) {
ewiki_set_uservar("passwdstatus", 'good', $GLOBALS['ewiki_auth_user']);
ewiki_set_uservar("passwdexpiredate", time() + 60 * 60 * 24 * EWIKI_PASSWD_LIFETIME, $GLOBALS['ewiki_auth_user']);
return ewiki_make_title($id, $id, 2) . ewiki_t('CHPW_SUCCESS');
} else {
return ewiki_make_title($id, $id, 2) . ewiki_t('CHPW_ERROR');
}
}
