/**
* Validate a password
*
* @param string $password
* @param array $rules
* @param mixed $user
* @param string $name
* @return array
*/
public static function verify($password, $rules, $user, $name = null)
{
if (empty($rules)) {
return array();
}
$fail = array();
$stats = self::analyze($password);
foreach ($rules as $rule) {
if ($rule['rule'] == 'minCharacterClasses') {
if ($stats['uniqueClasses'] < $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'maxCharacterClasses') {
if ($stats['uniqueClasses'] > $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'minPasswordLength') {
if ($stats['count'][0] < $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'maxPasswordLength') {
if ($stats['count'][0] > $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'maxClassCharacters') {
if (empty($rule['class'])) {
continue;
}
$class = $rule['class'];
if (empty($stats['count'][$class])) {
$stats['count'][$class] = 0;
}
if ($stats['count'][$class] > $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'minClassCharacters') {
if (empty($rule['class'])) {
continue;
}
$class = $rule['class'];
if (empty($stats['count'][$class])) {
$stats['count'][$class] = 0;
}
if ($stats['count'][$class] < $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'minUniqueCharacters') {
if ($stats['uniqueCharacters'] < $rule['value']) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notBlacklisted') {
if (Blacklist::basedOnBlackList($password)) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notNameBased') {
if ($name == null) {
if (is_numeric($user)) {
$xuser = User::oneOrNew($user);
} else {
$xuser = User::oneByUsername($user);
}
if (!is_object($xuser)) {
continue;
}
$givenName = $xuser->get('givenName');
$middleName = $xuser->get('middleName');
$surname = $xuser->get('surname');
$name = $givenName;
if (!empty($middleName)) {
if (empty($name)) {
$name = $middleName;
} else {
$name .= ' ' . $middleName;
}
}
if (!empty($surname)) {
if (empty($name)) {
$name = $surname;
} else {
$name .= ' ' . $surname;
}
}
}
if (self::isBasedOnName($password, $name)) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notUsernameBased') {
if (is_numeric($user)) {
$xuser = User::oneOrNew($user);
if (!is_object($xuser)) {
continue;
}
$user = $xuser->get('username');
}
if (self::isBasedOnUsername($password, $user)) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notReused') {
$date = new \DateTime('now');
$date->modify("-" . $rule['value'] . "day");
$phist = History::getInstance($user);
if (!is_object($phist)) {
continue;
}
if ($phist->exists($password, $date->format("Y-m-d H:i:s"))) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] == 'notRepeat') {
if (Password::passwordMatches($user, $password, true)) {
$fail[] = $rule['failuremsg'];
}
} else {
if ($rule['rule'] === 'true') {
} else {
if ($rule['rule'] == 'notStale') {
} else {
$fail[] = $rule['failuremsg'];
}
}
}
}
}
}
}
}
}
}
}
}
}
}
}
if (empty($fail)) {
$fail = array();
}
return $fail;
}