/** * Validates given password. * * @return array */ public function validatePassword() { if (!UserRegistrationUtil::isSecurePassword($this->parameters['password'])) { return array('isValid' => false, 'error' => 'notSecure'); } return array('isValid' => true); }
/** * @see \wcf\form\IForm::validate() */ public function validate() { parent::validate(); // password if (!WCF::getUser()->authData) { if (empty($this->password)) { throw new UserInputException('password'); } if (!WCF::getUser()->checkPassword($this->password)) { throw new UserInputException('password', 'false'); } } // user name if (WCF::getSession()->getPermission('user.profile.canRename') && $this->username != WCF::getUser()->username) { if (mb_strtolower($this->username) != mb_strtolower(WCF::getUser()->username)) { if (WCF::getUser()->lastUsernameChange + WCF::getSession()->getPermission('user.profile.renamePeriod') * 86400 > TIME_NOW) { throw new UserInputException('username', 'alreadyRenamed'); } // checks for forbidden chars (e.g. the ",") if (!UserRegistrationUtil::isValidUsername($this->username)) { throw new UserInputException('username', 'notValid'); } // checks if user name exists already. if (!UserUtil::isAvailableUsername($this->username)) { throw new UserInputException('username', 'notUnique'); } } } // password if (!WCF::getUser()->authData) { if (!empty($this->newPassword) || !empty($this->confirmNewPassword)) { if (empty($this->newPassword)) { throw new UserInputException('newPassword'); } if (empty($this->confirmNewPassword)) { throw new UserInputException('confirmNewPassword'); } if (!UserRegistrationUtil::isSecurePassword($this->newPassword)) { throw new UserInputException('newPassword', 'notSecure'); } if ($this->newPassword != $this->confirmNewPassword) { throw new UserInputException('confirmNewPassword', 'notEqual'); } } } // email if (WCF::getSession()->getPermission('user.profile.canChangeEmail') && $this->email != WCF::getUser()->email && $this->email != WCF::getUser()->newEmail) { if (empty($this->email)) { throw new UserInputException('email'); } // checks if only letter case has changed if (mb_strtolower($this->email) != mb_strtolower(WCF::getUser()->email)) { // check for valid email (one @ etc.) if (!UserRegistrationUtil::isValidEmail($this->email)) { throw new UserInputException('email', 'notValid'); } // checks if email already exists. if (!UserUtil::isAvailableEmail($this->email)) { throw new UserInputException('email', 'notUnique'); } } // checks confirm input if (mb_strtolower($this->email) != mb_strtolower($this->confirmEmail)) { throw new UserInputException('confirmEmail', 'notEqual'); } } }
/** * @see \wcf\acp\form\UserAddForm::validatePassword() */ public function validatePassword($password, $confirmPassword) { if (!$this->isExternalAuthentication) { parent::validatePassword($password, $confirmPassword); // check security of the given password if (!UserRegistrationUtil::isSecurePassword($password)) { throw new UserInputException('password', 'notSecure'); } } }