public function validate()
{
# Overloading validate method: http://programmers.stackexchange.com/a/274135
list($old_field, $new_field, $confirm_field) = func_get_args();
$user = User::current();
$old_password = new PasswordValidator($this->request->post($old_field, ''), $user);
$new_password = new PasswordValidator($this->request->post($new_field, ''), $user);
$confirmation = new PasswordValidator($this->request->post($confirm_field, ''), $user);
$this->fields = array($old_field => $old_password, $new_field => $new_password, $confirm_field => $confirmation);
$old_password->validate_present();
$new_password->validate_present();
$confirmation->validate_present();
if ($old_password->is_valid() && $new_password->is_valid()) {
$old_password->authenticate_user_password();
$new_password->validate_min_length();
$new_password->validate_not_user_name();
$this->validate_confirmation_match($new_field, $confirm_field);
}
if ($new_password->is_valid() && $confirmation->is_valid()) {
$this->set_valid_field_value($new_field, $new_password->value);
$this->set_valid_field_value($confirm_field, $confirmation->value);
}
$this->flatten_validator_errors();
return $this->is_valid();
}
public function testValidateMinScore()
{
$v = new PasswordValidator();
$v->characterStrength(3, array("lowercase", "uppercase", "digits", "punctuation"));
$r = $v->validate('aA', new Member());
$this->assertFalse($r->valid(), 'Passing too few tests');
$r = $v->validate('aA1', new Member());
$this->assertTrue($r->valid(), 'Passing enough tests');
}
public function Validate()
{
include 'class.password.validator.php';
$pwdValidator = new PasswordValidator();
if ($pwdValidator->Validate($this->_data)->isValidated()) {
$this->_response = array("response" => array("message" => "Password changed successfully."));
return true;
} else {
$this->_response = array("response" => array("message" => $pwdValidator->getMessage()));
return false;
}
}
public function testPasswordValidatorComparesStoredPasswordAgainstProvidedPassword()
{
$passwordEncryption = new PasswordEncryption();
$salt = $passwordEncryption->Salt();
$current = "some password";
$user = new User();
$encrypted = $passwordEncryption->Encrypt($current, $salt);
$user->encryptedPassword = $encrypted;
$user->passwordSalt = $salt;
$validator = new PasswordValidator($current, $user);
$validator->Validate();
$this->assertTrue($validator->IsValid());
}
function __construct()
{
parent::__construct();
$this->minLength(7);
$this->checkHistoricalPasswords(6);
$this->characterStrength(3, array('lowercase', 'uppercase', 'digits', 'punctuation'));
}
function __construct()
{
parent::__construct();
$this->minLength(6);
$this->checkHistoricalPasswords(2);
$this->characterStrength(2, array("uppercase", "digits"));
}
public function __construct()
{
parent::__construct();
$this->minLength(8);
$this->checkHistoricalPasswords(6);
$this->characterStrength(4, array("lowercase", "uppercase", "digits", "punctuation"));
}
public function __construct($confirmed = true, $validator = null)
{
$this->confirmed = $confirmed;
if (!$validator) {
$this->passwordvalidator = Member::password_validator();
if (!$this->passwordvalidator) {
$this->passwordvalidator = PasswordValidator::create();
$this->passwordvalidator->minLength(5);
$this->passwordvalidator->characterStrength(2, array("lowercase", "uppercase", "digits", "punctuation"));
}
}
}
/**
* Validates that the information we've just received from the blog settings
* form is valid... We have to be really sure about this one!!!
*/
function validate()
{
// if all correct, we can proceed
$this->_userPassword = trim($this->_request->getValue("userSettingsPassword"));
$this->_userConfirmPassword = trim($this->_request->getValue("confirmPassword"));
$valid = parent::validate();
// check that the password is correct and confirm it
if ($this->_userPassword != "") {
$passwordVal = new PasswordValidator();
if (!$passwordVal->validate($this->_userPassword)) {
$this->_form->setFieldValidationStatus("userSettingsPassword", false);
$this->setCommonData(true);
return false;
}
if ($this->_userPassword != $this->_userConfirmPassword) {
$this->_form->setFieldValidationStatus("confirmPassword", false);
$this->setCommonData(true);
return false;
}
}
return $valid;
}
function getDefaultMessage()
{
$settings = $this->validator->getSettingsForJS();
$message = [];
$label = $this->field->Title();
if (isset($settings['minimumChars'])) {
$message[] = _t('ValidPassword.DESC-PASSWORD_MINIMUM_CHARACTERS', '{field} must be at least {min} characters.', ['field' => $label, 'min' => $settings['minimumChars']]);
}
if (isset($settings['minimumScore'])) {
$message[] = _t('ValidPassword.DESC-PASSWORD_MINIMUM_SCORE', '{field} must pass at least {score} of the following requirements: ', ['field' => $label, 'score' => $settings['minimumScore']]);
}
if (isset($settings['tests'])) {
$tests = array();
if (in_array('lowercase', $settings['tests'])) {
$tests[] = _t('ValidPassword.ONE_LOWERCASE_LETTER', 'one lowercase letter');
}
if (in_array('uppercase', $settings['tests'])) {
$tests[] = _t('ValidPassword.ONE_UPPERCASE_LETTER', 'one uppercase letter');
}
if (in_array('digits', $settings['tests'])) {
$tests[] = _t('ValidPassword.ONE_NUMBER', 'one number');
}
if (in_array('punctuation', $settings['tests'])) {
$tests[] = _t('ValidPassword.ONE_SYMBOL', 'one symbol');
}
if (count($tests)) {
if (count($tests) > 1) {
$lastTest = array_pop($tests);
$test = implode(', ', $tests) . ' ' . _t('AND', 'and') . ' ' . $lastTest;
} else {
$test = array_pop($tests);
}
$message[] = _t('ValidPassword.DESC-PASSWORD_REQUIREMENTS', '{field} should have at least {tests}.', ['field' => $label, 'tests' => $test]);
}
}
return implode(' ', $message);
}
<?php
// Add a password complexity validator.
$validator = new PasswordValidator();
// The minimum length may be lowered when required.
$validator->minLength(10);
$validator->characterStrength(2, array('lowercase', 'uppercase', 'digits'));
Member::set_password_validator($validator);
// Remove the duplicate broken link reports.
SS_Report::add_excluded_reports(array('Multisites_SideReport_BrokenLinks', 'Multisites_SideReport_BrokenFiles', 'Multisites_SideReport_BrokenVirtualPages', 'Multisites_SideReport_BrokenRedirectorPages'));
<?php
require_once 'classes/MyIncludes.php';
$msg = '';
$username = '';
$password = '';
$errors = [];
$usernameValidator = new UsernameValidator();
$passwordValidator = new PasswordValidator();
if (isUserLoggedIn()) {
header('Location: account.php');
exit;
} else {
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$username = getParamUsername();
$password = getParamPassword();
if (!$usernameValidator->isValid($username)) {
$errors['invaliduser'] = "******";
}
if (!$passwordValidator->isValid($password)) {
$errors['invalidpassword'] = "******";
}
if (count($errors) == 0) {
logInUser($username);
header('Location: account.php');
exit;
}
}
}
function logInUser($username)
{
<?php
require_once 'classes/initialize.php';
if (isset($_SESSION['username'])) {
header('Location: account.php');
}
$usernameValidator = new UsernameValidator();
$passwordValidator = new PasswordValidator();
$errorManager = new ErrorManager();
$userLogin = new UserLogin();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!$usernameValidator->isValid($_POST['username'])) {
$errorManager->addError('username', 'Please enter a valid username');
}
if (!$passwordValidator->isValid($_POST['password'])) {
$errorManager->addError('password', 'Please enter a valid password');
}
if (!$errorManager->hasErrors()) {
$userLogin->startSession($_POST['username']);
header('Location: account.php');
exit;
}
}
require_once 'header.php';
?>
<form action="index.php" method="POST">
<div>
<label>Username:</label> <input type="text" name="username" value="" placeholder="Enter Username">
<span class="error"><?php
$user_log = new UserLogin();
$message = '';
$error = ['Invalid password', 'Invalid username', "Invalid username and password"];
// $hasError = new ErrorManager();
if (isset($_SESSION['username']) && strlen($_SESSION['username']) > 0) {
if ($user_log->isLogged()) {
header('Location: account.php');
exit;
}
} else {
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_POST['username']) && isset($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$usernameValidator = new UsernameValidator();
$passwordValidator = new PasswordValidator();
// if()){
// // if(!(strlen($username) > 5)){
// echo "dog";
// $user_log->startSession();
// // }
// } else {
// echo "error username is invalid";
// }
if ($passwordValidator->isValid($password) && $usernameValidator->isValid($username)) {
// if(strlen($_POST['password']) > 7){
$_SESSION['username'] = $_POST['username'];
$user_log->startSession();
header('Location: account.php');
exit;
// }
<?php
include_once 'myincludes.php';
$username = "";
$password = "";
$msg = "";
if (isset($_SESSION["isLoggedIn"])) {
if ($_SESSION["isLoggedIn"] == true) {
header('Location: account.php');
}
}
$usernameValidator = new UsernameValidator();
$passwordValidator = new PasswordValidator();
if ($_SERVER["REQUEST_METHOD"] === "POST") {
if (isset($_POST['username'])) {
$_SESSION['user'] = $_POST['username'];
if ($usernameValidator->isValid($_SESSION['user'])) {
if (isset($_POST['password'])) {
$_SESSION['pass'] = $_POST['password'];
if ($passwordValidator->isValid($_SESSION['pass'])) {
$_SESSION['isLoggedIn'] = true;
return header('Location: account.php');
exit;
} else {
$msg = "Your password in Invalid";
}
}
} else {
$msg = "Your username is Invalid";
}
}
<?php
include_once "Validator.php";
class PasswordValidator extends Validator
{
protected $pattern = "/^[a-zA-Z0-9!@#\$%^&*\\(\\)]{5,}\$/";
}
$passwordValidator = new PasswordValidator();
$passwordValidator->isValid($_SESSION["password"]);
function isPasswordValid($password)
{
$passwordValidator = new PasswordValidator();
return $passwordValidator->isValid($password);
}
<?php
require_once 'initialize.php';
$userLogin = new LoginOptions();
$userCheck = new UsernameValidator();
$passCheck = new PasswordValidator();
$errorMan = new ErrorManager();
session_start();
$user = '';
$pass = '';
if (isset($_SESSION['username'])) {
$userLogin->isLoggedIn();
}
if (isset($_POST['username'])) {
$user = $_POST['username'];
}
if (isset($_POST['password'])) {
$pass = $_POST['password'];
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($passCheck->isValid($pass)) {
if ($userCheck->isValid($user)) {
$_SESSION['username'] = $user;
$userLogin->isLoggedIn();
} else {
$errorMan->addError($user, 'Invalid Username. Username should be 5 alphabetic characters.');
}
} elseif ($userCheck->isValid($user)) {
$errorMan->addError($pass, 'Invalid Password. Password should be at least 5 alpha numeric characters.');
} else {
$errorMan->addError($user, 'Invalid Username. Username should be 5 alphabetic characters.');