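// Excerpt: this code runs inside enclosing blocks that open before the visible
// text, and the entity check at the end is cut off before its closing braces.

// Password policy limits come from the global configuration object; an unset
// or falsy setting falls back to the default on the right.
$conf = $GLOBALS['CONF'];
$pass_length_min = $conf->get_conf('pass_length_min') ?: 7;
$pass_length_max = $conf->get_conf('pass_length_max') ?: 255;
// A maximum below the minimum (or below 1) cannot be satisfied; use 255 instead.
$pass_length_max = ($pass_length_max < $pass_length_min || $pass_length_max < 1) ? 255 : $pass_length_max;
$pass_expire_min = $conf->get_conf('pass_expire_min') ?: 0;

// The first failing rule wins: exactly one message is stored under 'pass'.
// Strict comparison of strcmp()'s result: before PHP 8 strcmp() returns null for a
// non-string argument, and a loose `0 != null` would treat that as "passwords match".
if (strcmp($pass1, $pass2) !== 0) {
    $validation_errors['pass'] = _('Authentication failure') . '. ' . _('Passwords mismatch');
} elseif (strlen($pass1) < $pass_length_min) {
    // strlen() counts bytes, so a multi-byte character counts more than once
    // toward both length limits.
    $validation_errors['pass'] = _('Password is not long enough') . ' [' . _('Minimum password size is') . ' ' . $pass_length_min . ']';
} elseif (strlen($pass1) > $pass_length_max) {
    // NOTE(review): this branch fires when the password is too long, but the msgid
    // reads "Password is long enough". It is left unchanged here because it is a
    // gettext key; correct it together with the translation catalogs.
    $validation_errors['pass'] = _('Password is long enough') . ' [' . _('Maximum password size is') . ' ' . $pass_length_max . ']';
} elseif (!Session::pass_check_complexity($pass1)) {
    $validation_errors['pass'] = _('Password is not strong enough. Check the password policy configuration for more details');
} elseif ($mode == 'update') {
    // Rules that only apply when an existing account changes its password.
    $recent_pass = Log_action::get_last_pass($conn, $login);

    if ($pass_expire_min > 0 && dateDiff_min($last_pass_change, date('Y-m-d H:i:s')) < $pass_expire_min && !Session::am_i_admin()) {
        // Minimum password lifetime; skipped when Session::am_i_admin() is true.
        $validation_errors['pass'] = _('Password lifetime is too short to allow change. Wait a few minutes...');
    } elseif (
        count($recent_pass) > 0
        // Strict in_array(): digests are compared as strings. A loose == compares
        // numeric-looking strings as numbers, so two different digests could match.
        // Assumes the history entries are digest strings - TODO confirm.
        && (in_array(md5($pass1), $recent_pass, true) || in_array(hash('sha256', $pass1), $recent_pass, true))
    ) {
        // NOTE(review): the history is matched against unsalted MD5 and SHA-256
        // digests, so that is presumably how old passwords are kept. Both are fast
        // hashes; if the history leaks, old passwords can be guessed offline.
        // Prefer password_hash()/password_verify() per entry once storage can migrate.
        $validation_errors['pass'] = _('This password is recently used. Try another');
    }
}
// The next three braces close blocks opened before this excerpt.
}
}
}

// Checking entities field requirements
if (empty($validation_errors['entities[]'])) {
    // Check allowed entities
    if ($pro && !$is_my_profile) {
        foreach ($entities as $ent_id) {
            if (!Acl::entityAllowed($ent_id)) {
                $validation_errors['entities[]'] = _("You don't have permission to create users at this level");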
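// Excerpt: the two closing braces below end an inner if/else and the first branch
// of an outer if chain that both start before the visible text.
} else {
    $error->display(_("BAD_OLD_PASSWORD"));
}
} elseif (strlen($pass1) < $pass_length_min) {
    // Shorter than the configured minimum. strlen() counts bytes, not characters.
    require_once "ossim_error.inc";
    $error = new OssimError();
    $error->display("PASSWORD_SIZE");
} elseif (strlen($pass1) > $pass_length_max) {
    // Longer than the configured maximum.
    require_once "ossim_error.inc";
    $error = new OssimError();
    $error->display("PASSWORD_SIZE_MAX");
} elseif (!Session::pass_check_complexity($pass1)) {
    // Rejected by the complexity policy check.
    require_once "ossim_error.inc";
    $error = new OssimError();
    $error->display("PASSWORD_ALPHANUM");
} elseif ($pass_expire_min > 0 && dateDiff_min($last_pass_change, date("Y-m-d H:i:s")) < $pass_expire_min) {
    // Minimum password lifetime has not elapsed since the last change.
    require_once "ossim_error.inc";
    $error = new OssimError();
    $error->display("PASSWORD_EXPIRE_MIN");
} elseif (count($recent_pass) > 0 && in_array(md5($pass1), $recent_pass, true)) {
    // Password reuse check. Strict in_array(): digests are compared as strings.
    // A loose == compares numeric-looking strings as numbers, so two different
    // digests could match. Assumes history entries are digest strings - TODO confirm.
    // NOTE(review): only the unsalted MD5 digest is tested. If the history can hold
    // digests in another format, reuse of those passwords is not detected here -
    // verify against what the history actually stores. MD5 is also a fast hash, so
    // a leaked history lets old passwords be guessed offline.
    require_once "ossim_error.inc";
    $error = new OssimError();
    $error->display("PASSWORD_RECENT");
}
/* check for old password if not actual user or admin */
/*
 * NOTE(review): disabled legacy check, kept as found. It appears to pass an inline
 * WHERE clause containing the login and password to Session::get_list(); do not
 * re-enable it without parameterised queries and a proper password-verify call.
 *
 if ((($_SESSION["_user"] != $user) && $_SESSION["_user"] != ACL_DEFAULT_OSSIM_ADMIN) && !is_array($user_list = Session::get_list($conn, "WHERE login = '******' and pass = '******'"))) {
     require_once ("ossim_error.inc");
     $error = new OssimError();
     $error->display("BAD_OLD_PASSWORD");
 }*/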