/**
* Validate a password
*
* @param string $password
* @param array $rules
* @param mixed $user
* @param string $name
* @return array
*/
public static function verify($password, $rules, $user, $name = null)
{
if (empty($rules)) {
return array();
}
$fail = array();
$stats = self::analyze($password);
foreach ($rules as $rule) {
if ($rule['rule'] == 'minCharacterClasses') {
if ($stats['uniqueClasses'] < $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'maxCharacterClasses') {
if ($stats['uniqueClasses'] > $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'minPasswordLength') {
if ($stats['count'][0] < $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'maxPasswordLength') {
if ($stats['count'][0] > $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'maxClassCharacters') {
if (empty($rule['class'])) {
continue;
}
$class = $rule['class'];
if (empty($stats['count'][$class])) {
$stats['count'][$class] = 0;
}
if ($stats['count'][$class] > $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'minClassCharacters') {
if (empty($rule['class'])) {
continue;
}
$class = $rule['class'];
if (empty($stats['count'][$class])) {
$stats['count'][$class] = 0;
}
if ($stats['count'][$class] < $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'minUniqueCharacters') {
if ($stats['uniqueCharacters'] < $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notBlacklisted') {
if (Blacklist::basedOnBlackList($password)) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notNameBased') {
if ($name == null) {
if (is_numeric($user)) {
$xuser = User::oneOrNew($user);
} else {
$xuser = User::oneByUsername($user);
}
if (!is_object($xuser)) {
continue;
}
$givenName = $xuser->get('givenName');
$middleName = $xuser->get('middleName');
$surname = $xuser->get('surname');
$name = $givenName;
if (!empty($middleName)) {
if (empty($name)) {
$name = $middleName;
} else {
$name .= ' ' . $middleName;
}
}
if (!empty($surname)) {
if (empty($name)) {
$name = $surname;
} else {
$name .= ' ' . $surname;
}
}
}
if (self::isBasedOnName($password, $name)) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notUsernameBased') {
if (is_numeric($user)) {
$xuser = User::oneOrNew($user);
if (!is_object($xuser)) {
continue;
}
$user = $xuser->get('username');
}
if (self::isBasedOnUsername($password, $user)) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notReused') {
$date = new \DateTime('now');
$date->modify("-" . $rule['value'] . "day");
$phist = History::getInstance($user);
if (!is_object($phist)) {
continue;
}
if ($phist->exists($password, $date->format("Y-m-d H:i:s"))) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notRepeat') {
if (Password::passwordMatches($user, $password, true)) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] === 'true') {
} else {
if ($rule['rule'] == 'notStale') {
} else {
$fail[] = $rule['failuremsg'];
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
if (empty($fail)) {
$fail = array();
}
return $fail;
}
/**
* Removes [a] password blacklist item(s)
*
* @return void
*/
public function removeTask()
{
// Check for request forgeries
Request::checkToken();
if (!User::authorise('core.manage', $this->_option) && !User::authorise('core.admin', $this->_option) && !User::authorise('core.delete', $this->_option)) {
App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
}
// Incoming
$ids = Request::getVar('id', array());
$ids = !is_array($ids) ? array($ids) : $ids;
$i = 0;
// Do we have any IDs?
if (!empty($ids)) {
// Loop through each ID and delete the necessary items
foreach ($ids as $id) {
$id = intval($id);
// Remove the record
$row = Blacklist::oneOrFail($id);
if (!$row->destroy()) {
Notify::error($row->getError());
continue;
}
$i++;
}
} else {
Notify::warning(Lang::txt('COM_MEMBERS_PASSWORD_BLACKLIST_DELETE_NO_ROW_SELECTED'));
}
// Output messsage and redirect
if ($i) {
Notify::success(Lang::txt('COM_MEMBERS_PASSWORD_BLACKLIST_DELETE_SUCCESS'));
}
$this->cancelTask();
}