/**
* Check auth against list of login=>pwd. Sets user if applicable, returns bool
*
*/
function yourls_check_username_password()
{
global $yourls_user_passwords;
if (isset($yourls_user_passwords[$_REQUEST['username']]) && yourls_check_password_hash($_REQUEST['username'], $_REQUEST['password'])) {
yourls_set_user($_REQUEST['username']);
return true;
}
return false;
}
/**
* Verify submitted form meets requirements
* - Current password must be correct
* - New password must match confirm new password
* - Minimum length met
* - If set, have one digit
* - If set, have one special character
* - If set, have at least one uppercase and one lowercase letter
*
* @return string $error_message
*/
function vva_change_password_get_form_errors()
{
$error_message = NULL;
if (!yourls_check_password_hash(YOURLS_USER, $_REQUEST['current_password'])) {
$error_message .= 'Error: your current password is incorrect<br />';
}
if ($_REQUEST['new_password'] !== $_REQUEST['confirm_new_password']) {
$error_message .= 'Error: New Password and Confirm New Password do not match<br />';
}
if (strlen($_REQUEST['new_password']) < VVA_CHANGE_PASSWORD_MINIMUM_LENGTH) {
$error_message .= sprintf('Error: New Password must be at least %d characters<br />', VVA_CHANGE_PASSWORD_MINIMUM_LENGTH);
}
if (VVA_CHANGE_PASSWORD_USE_DIGITS && !preg_match('/[0-9]+/', $_REQUEST['new_password'])) {
$error_message .= 'Error: New Password must contain at least one digit<br />';
}
if (VVA_CHANGE_PASSWORD_USE_SPECIAL && !preg_match('/[\\W_]+/', $_REQUEST['new_password'])) {
$error_message .= 'Error: New Password must contain at least one special character<br />';
}
if (VVA_CHANGE_PASSWORD_USE_UPPERCASE && (!preg_match('/[a-z]+/', $_REQUEST['new_password']) || !preg_match('/[A-Z]+/', $_REQUEST['new_password']))) {
$error_message .= 'Error: New Password must contain at least one lowercase and one uppercase letter<br />';
}
return $error_message;
}
