/**
* Validates given password.
*
* @return array
*/
public function validatePassword()
{
if (!UserRegistrationUtil::isSecurePassword($this->parameters['password'])) {
return array('isValid' => false, 'error' => 'notSecure');
}
return array('isValid' => true);
}
/**
* @see \wcf\form\IForm::validate()
*/
public function validate()
{
parent::validate();
// password
if (!WCF::getUser()->authData) {
if (empty($this->password)) {
throw new UserInputException('password');
}
if (!WCF::getUser()->checkPassword($this->password)) {
throw new UserInputException('password', 'false');
}
}
// user name
if (WCF::getSession()->getPermission('user.profile.canRename') && $this->username != WCF::getUser()->username) {
if (mb_strtolower($this->username) != mb_strtolower(WCF::getUser()->username)) {
if (WCF::getUser()->lastUsernameChange + WCF::getSession()->getPermission('user.profile.renamePeriod') * 86400 > TIME_NOW) {
throw new UserInputException('username', 'alreadyRenamed');
}
// checks for forbidden chars (e.g. the ",")
if (!UserRegistrationUtil::isValidUsername($this->username)) {
throw new UserInputException('username', 'notValid');
}
// checks if user name exists already.
if (!UserUtil::isAvailableUsername($this->username)) {
throw new UserInputException('username', 'notUnique');
}
}
}
// password
if (!WCF::getUser()->authData) {
if (!empty($this->newPassword) || !empty($this->confirmNewPassword)) {
if (empty($this->newPassword)) {
throw new UserInputException('newPassword');
}
if (empty($this->confirmNewPassword)) {
throw new UserInputException('confirmNewPassword');
}
if (!UserRegistrationUtil::isSecurePassword($this->newPassword)) {
throw new UserInputException('newPassword', 'notSecure');
}
if ($this->newPassword != $this->confirmNewPassword) {
throw new UserInputException('confirmNewPassword', 'notEqual');
}
}
}
// email
if (WCF::getSession()->getPermission('user.profile.canChangeEmail') && $this->email != WCF::getUser()->email && $this->email != WCF::getUser()->newEmail) {
if (empty($this->email)) {
throw new UserInputException('email');
}
// checks if only letter case has changed
if (mb_strtolower($this->email) != mb_strtolower(WCF::getUser()->email)) {
// check for valid email (one @ etc.)
if (!UserRegistrationUtil::isValidEmail($this->email)) {
throw new UserInputException('email', 'notValid');
}
// checks if email already exists.
if (!UserUtil::isAvailableEmail($this->email)) {
throw new UserInputException('email', 'notUnique');
}
}
// checks confirm input
if (mb_strtolower($this->email) != mb_strtolower($this->confirmEmail)) {
throw new UserInputException('confirmEmail', 'notEqual');
}
}
}
/**
* @see \wcf\acp\form\UserAddForm::validatePassword()
*/
public function validatePassword($password, $confirmPassword)
{
if (!$this->isExternalAuthentication) {
parent::validatePassword($password, $confirmPassword);
// check security of the given password
if (!UserRegistrationUtil::isSecurePassword($password)) {
throw new UserInputException('password', 'notSecure');
}
}
}
