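/**
  * Check if a username+password pair is a valid login.
  *
  * The submitted name is stripped of tags, HTML-encoded and lower-cased
  * before it is looked up in the `users` table. A login is accepted only
  * when a row matches, the account is not deactivated and, for external
  * requests (isExternal()), the password passes the age check and is
  * flagged as complex.
  *
  * @param $user String: username as submitted.
  * @param $pass String: user password; passed through getPasswordHash().
  * @return bool true only when every check passes, false otherwise
  * @public
  */
 function authenticate($user, $pass)
 {
     if ($this->debug) {
         echo 'authenticate<br>';
     }
     // Keep the lower-cased submitted name for the allow-list test. The original
     // read an undefined $username there, so the test never saw the real name.
     $submitted = strtolower($user);
     // Display-safe, normalized name (also used in debug output).
     $user = strtolower(htmlspecialchars(strip_tags($user), ENT_QUOTES));
     // Escape last, with the connection's own escaper rather than addslashes(),
     // so the value is quoted according to the link's character set.
     $userSql = mysql_real_escape_string($user, $this->database);
     // NOTE(review): confirm getPasswordHash() is a salted, slow password hash.
     $pass = getPasswordHash($pass);
     // Strict comparison: loose in_array() can match unrelated values by type juggling.
     if (isset($GLOBALS['authpluginjmTillatteBrukere']) && !in_array($submitted, $GLOBALS['authpluginjmTillatteBrukere'], true)) {
         return false;
     }
     $is_external = isExternal();
     if ($this->debug) {
         echo 'is_external=' . $is_external . '<br>';
     }
     // Checking against database
     // NOTE(review): the password literal below is kept exactly as this listing
     // shows it; it looks masked. The comparison presumably binds the hash held
     // in $pass, escaped the same way as the name - confirm against the real file.
     $Q_login = mysql_query("select user_id, deactivated, user_password_complex, user_password_lastchanged from `users` where lower(user_name_short) = '" . $userSql . "' and user_password = '******' limit 1", $this->database);
     // Fail closed on a query error as well as on "no such row".
     if ($Q_login === false || mysql_num_rows($Q_login) < 1) {
         if ($this->debug) {
             // The password hash is deliberately not echoed into the page.
             echo 'auth failed, user not found (' . $user . ')<br>';
         }
         return false;
     }
     if ($is_external) {
         try {
             $user_login = array('user_password_lastchanged' => mysql_result($Q_login, 0, 'user_password_lastchanged'));
             loginPWcheckAge($user_login);
         } catch (Exception $e) {
             if ($this->debug) {
                 echo 'auth failed, password to old for external user<br>';
             }
             return false;
         }
     }
     if (mysql_result($Q_login, 0, 'deactivated')) {
         if ($this->debug) {
             echo 'auth failed, user deactivated<br>';
         }
         return false;
     }
     if ($is_external && !mysql_result($Q_login, 0, 'user_password_complex')) {
         if ($this->debug) {
             echo 'auth failed, password not complex for external user<br>';
         }
         return false;
     }
     // Every failure path above has returned, so the undefined $external_failed
     // flag the original tested here is not needed.
     if ($this->debug) {
         echo 'auth=true<br>';
     }
     return true;
 }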
Esempio n. 2
if (isset($_POST['WEBAUTH_USER'])) {
    $user = getUserName();
    $pass = getUserPassword();
    // Check if we do not have a username/password
    if (empty($user) || empty($pass)) {
    } else {
        $user = slashes(htmlspecialchars(strip_tags($user), ENT_QUOTES));
        // Username
        $pass = getPasswordHash($pass);
        // Checking against database
        $Q_login = mysql_query("select user_id, deactivated, user_password_complex, user_password_lastchanged from `users` where user_name_short = '" . $user . "' and user_password = '******' limit 1");
        if (mysql_num_rows($Q_login) > '0') {
            if ($is_external) {
                try {
                    $user_login = array('user_password_lastchanged' => mysql_result($Q_login, 0, 'user_password_lastchanged'));
                    loginPWcheckAge($user_login);
                } catch (Exception $e) {
                    $external_failed = true;
                    $age_failed = true;
                }
            }
            if (mysql_result($Q_login, 0, 'deactivated')) {
                $deactivated = true;
            } elseif ($is_external && !mysql_result($Q_login, 0, 'user_password_complex')) {
                $external_failed = true;
                $complex_failed = true;
            } elseif (!$external_failed) {
                $_SESSION['WEBAUTH_VALID'] = true;
                $_SESSION['WEBAUTH_USER'] = $user;
                $_SESSION['WEBAUTH_PW'] = $pass;
                // New variabels (JM-booking)
Esempio n. 3
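/**
 * Validates if a password is suitable for external use
 *
 * Checks, in order: minimum length, password age (delegated to
 * loginPWcheckAge()) and, when $login_password_external_complex is set,
 * that the password contains none of the user's names and uses at least
 * three of four character classes (upper case, lower case, digit, symbol).
 * Returns nothing; a violated rule is reported by exception.
 *
 * @param array   User (from getUser()); 'user_name' is read here
 * @param string  Password (clear text)
 * @throws Exception when the length or a complexity rule is violated;
 *                   loginPWcheckAge() presumably throws on an expired password
 */
function loginPWcheckExternal($user, $password)
{
    global $login_password_external_complex, $login_password_external_minchar, $login_password_external_maxage;
    // Check length (strlen counts bytes, so a multi-byte character counts more than once)
    if (strlen($password) < $login_password_external_minchar) {
        throw new Exception(_h('Password too short. Must be at least ') . $login_password_external_minchar . ' ' . _h('characters') . '.');
    }
    loginPWcheckAge($user);
    if (!$login_password_external_complex) {
        return;
    }
    // Check complexity
    // http://technet.microsoft.com/en-us/library/cc786468%28WS.10%29.aspx
    // Must not contain one of the user's names. explode() replaces split(),
    // which no longer exists in PHP 7; as before, only a single space is
    // treated as a delimiter (other delimiters are not parsed).
    $lowered = strtolower($password);
    foreach (explode(' ', $user['user_name']) as $name) {
        if (strlen($name) > 1 && strpos($lowered, strtolower($name)) !== false) {
            throw new Exception(_h('Password can not contain on of the users names (first or last).'));
        }
    }
    // Must contain 3 of 4: upper case, lower case, digit, symbol
    $contains = 0;
    foreach (array('/[A-Z]/', '/[a-z]/', '/[0-9]/') as $pattern) {
        if (preg_match($pattern, $password)) {
            $contains++;
        }
    }
    $checkfor = '~!@#$%^&*_-+=`|\\(){}[]:;"\'<>,.?/';
    // strpbrk() reports whether any one of the listed symbols occurs in the password.
    if (strpbrk($password, $checkfor) !== false) {
        $contains++;
    }
    if ($contains < 3) {
        // The message does not mention symbols, although they count as a class above.
        throw new Exception(_h('Password not complex enough. Must contain lower and upper case characters and a number.'));
    }
}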
Esempio n. 4
                echo '&nbsp;';
            }
            echo '</td>' . chr(10);
            echo '		<td class="rightsHover" title="' . $rights['sync'] . '">';
            if ($user['user_ews_sync']) {
                echo 'X';
            } else {
                echo '&nbsp;';
            }
            echo '</td>' . chr(10);
            echo '		<td class="rightsHover" title="' . $rights['external'] . '">';
            try {
                if ($user['user_password_complex'] != '1') {
                    throw new Exception('');
                }
                loginPWcheckAge($user);
                echo 'X';
            } catch (Exception $e) {
                echo '&nbsp;';
            }
            echo '</td>' . chr(10);
            echo '	</tr>' . chr(10) . chr(10);
            //echo '- <br>'.chr(10);
        }
        echo '</table>' . chr(10);
        echo '<ul>' . '<li>1, ' . $rights[1] . '</li>' . '<li>2, ' . $rights[2] . '</li>' . '<li>3, ' . $rights[3] . '</li>' . '<li>4, ' . $rights[4] . '</li>' . '<li>5, ' . $rights[5] . '</li>' . '<li>6, ' . $rights[6] . '</li>' . '<li>7, ' . $rights[7] . '</li>' . '<li>8, ' . $rights[8] . '</li>' . '<li>9, ' . $rights[9] . '</li>' . '<li>10, ' . $rights[10] . '</li>' . '<li>11, ' . $rights[11] . '</li>' . '</ul>';
    }
}
echo '</td>
</tr>
</table>