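/**
 * Validate a password
 *
 * Runs the password through every entry of $rules and collects the
 * 'failuremsg' of each rule it does not satisfy. A rule is an array with
 * a 'rule' name, usually a 'value' threshold, a 'class' key for the
 * per-character-class rules, and a 'failuremsg'. The names 'true' and
 * 'notStale' are accepted as no-ops; any other unknown name fails closed.
 *
 * @param  string  $password  Plain-text password under test
 * @param  array   $rules     Rule definitions as described above
 * @param  mixed   $user      User id or username; consumed by the user-bound rules
 * @param  string  $name      Display name for notNameBased; looked up from
 *                            $user when null or empty
 * @return array   Failure messages, empty when every rule passed
 */
public static function verify($password, $rules, $user, $name = null)
{
    if (empty($rules))
    {
        return [];
    }

    $fail  = [];
    $stats = self::analyze($password);

    foreach ($rules as $rule)
    {
        switch ($rule['rule'])
        {
            case 'minCharacterClasses':
                $failed = $stats['uniqueClasses'] < $rule['value'];
                break;

            case 'maxCharacterClasses':
                $failed = $stats['uniqueClasses'] > $rule['value'];
                break;

            case 'minPasswordLength':
                // count[0] is what analyze() reports for the whole password;
                // presumably its length — confirm against analyze()
                $failed = $stats['count'][0] < $rule['value'];
                break;

            case 'maxPasswordLength':
                $failed = $stats['count'][0] > $rule['value'];
                break;

            case 'maxClassCharacters':
            case 'minClassCharacters':
                // A class rule that names no class is silently skipped
                if (empty($rule['class']))
                {
                    continue 2;
                }
                $count  = self::countForClass($stats, $rule['class']);
                $failed = $rule['rule'] == 'maxClassCharacters'
                    ? $count > $rule['value']
                    : $count < $rule['value'];
                break;

            case 'minUniqueCharacters':
                $failed = $stats['uniqueCharacters'] < $rule['value'];
                break;

            case 'notBlacklisted':
                $failed = Blacklist::basedOnBlackList($password);
                break;

            case 'notNameBased':
                if ($name === null || $name === '')
                {
                    $xuser = self::findUserRecord($user);
                    // No record to compare against: skip rather than fail
                    if ($xuser === null)
                    {
                        continue 2;
                    }
                    // Cached in $name so a second notNameBased rule reuses it
                    $name = self::fullNameOf($xuser);
                }
                $failed = self::isBasedOnName($password, $name);
                break;

            case 'notUsernameBased':
                // Resolve a numeric id to its username in a local so $user
                // keeps the form the caller supplied for the rules below
                // (notReused, notRepeat); assumes those helpers accept it.
                $username = $user;
                if (is_numeric($user))
                {
                    $xuser = User::oneOrNew($user);
                    if (!is_object($xuser))
                    {
                        continue 2;
                    }
                    $username = $xuser->get('username');
                }
                $failed = self::isBasedOnUsername($password, $username);
                break;

            case 'notReused':
                // Reject a password seen in the history within the last
                // 'value' days
                $since = new \DateTime('now');
                $since->modify('-' . $rule['value'] . ' day');
                $phist = History::getInstance($user);
                if (!is_object($phist))
                {
                    continue 2;
                }
                $failed = $phist->exists($password, $since->format('Y-m-d H:i:s'));
                break;

            case 'notRepeat':
                $failed = Password::passwordMatches($user, $password, true);
                break;

            case 'true':
            case 'notStale':
                // Accepted no-ops kept for rule sets that still list them
                $failed = false;
                break;

            default:
                // Unknown rule names fail closed
                $failed = true;
                break;
        }

        if ($failed)
        {
            $fail[] = $rule['failuremsg'];
        }
    }

    return $fail;
}

/**
 * Number of characters of one class in the analyze() stats
 *
 * @param  array   $stats  Result of self::analyze()
 * @param  string  $class  Key into $stats['count']
 * @return int     Zero when analyze() reported nothing for the class
 */
private static function countForClass($stats, $class)
{
    return empty($stats['count'][$class]) ? 0 : (int) $stats['count'][$class];
}

/**
 * Load the user record behind an id or a username
 *
 * @param  mixed  $user  Numeric id or username
 * @return object|null   Null when the lookup did not return an object
 */
private static function findUserRecord($user)
{
    $xuser = is_numeric($user) ? User::oneOrNew($user) : User::oneByUsername($user);

    return is_object($xuser) ? $xuser : null;
}

/**
 * Build "given middle surname" from a user record, skipping empty parts
 *
 * @param  object  $xuser  Record exposing givenName/middleName/surname via get()
 * @return string  Empty string when no part is set
 */
private static function fullNameOf($xuser)
{
    $parts = array_filter([
        $xuser->get('givenName'),
        $xuser->get('middleName'),
        $xuser->get('surname'),
    ]);

    return implode(' ', $parts);
}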
/**
 * Change a user's pass hash
 *
 * Stores the new hash together with a fresh set of shadow fields on the
 * password record, blanks the legacy password columns in `#__xprofiles`
 * and `#__users`, and archives the previous hash via History so the
 * notReused rule can see it.
 *
 * NOTE(review): $user has a default while $passhash has none; an optional
 * parameter before a required one is deprecated since PHP 8.0, so $user is
 * effectively required. Callers passing null presumably rely on
 * self::getInstance() resolving the current user — confirm.
 *
 * @param  mixed   $user      User id or username (see note above)
 * @param  string  $passhash  Already-hashed password to store; not validated here
 * @return bool    Always true
 */
public static function changePasshash($user = null, $passhash)
{
    // Get config values for min, max, and warning
    $config        = \Component::params('com_members');
    $shadowMin     = $config->get('shadowMin', '0');
    $shadowMax     = $config->get('shadowMax', null);
    $shadowWarning = $config->get('shadowWarning', '7');

    // Translate empty shadowMax to mean NULL
    // (loose == on purpose: a null default maps to null as well)
    $shadowMax = $shadowMax == '' ? null : $shadowMax;

    $hzup = self::getInstance($user);

    // Capture the outgoing hash before it is overwritten; archived below
    $oldhash = $hzup->__get('passhash');

    $hzup->__set('passhash', $passhash);
    $hzup->__set('shadowFlag', null);
    // shadowLastChange is kept as whole days since the Unix epoch
    $hzup->__set('shadowLastChange', intval(time() / 86400));
    $hzup->__set('shadowMin', $shadowMin);
    $hzup->__set('shadowMax', $shadowMax);
    $hzup->__set('shadowWarning', $shadowWarning);
    $hzup->__set('shadowInactive', '0');
    $hzup->__set('shadowExpire', null);
    $hzup->update();

    // Blank the legacy password columns; the user id goes through
    // $db->quote() before being interpolated into the SQL.
    // NOTE(review): the placeholder literal appears on this page as "******"
    // inside double-quoted strings, which does not parse as written — confirm
    // the intended sentinel value from the repository before relying on this.
    $db = \App::get('db');
    $db->setQuery("UPDATE `#__xprofiles` SET userPassword="******" WHERE uidNumber=" . $db->quote($hzup->get('user_id')));
    $db->query();
    $db->setQuery("UPDATE `#__users` SET password="******" WHERE id=" . $db->quote($hzup->get('user_id')));
    $db->query();

    // Keep the old hash for the reuse check; skipped when there was none
    if (!empty($oldhash))
    {
        History::addPassword($oldhash, $user);
    }

    return true;
}