Пример #1
0
 /**
  * Validate a password
  *
  * @param   string  $password
  * @param   array   $rules
  * @param   mixed   $user
  * @param   string  $name
  * @return  array
  */
 public static function verify($password, $rules, $user, $name = null)
 {
     if (empty($rules)) {
         return array();
     }
     $fail = array();
     $stats = self::analyze($password);
     foreach ($rules as $rule) {
         if ($rule['rule'] == 'minCharacterClasses') {
             if ($stats['uniqueClasses'] < $rule['value']) {
                 $fail[] = $rule['failuremsg'];
             }
         } else {
             if ($rule['rule'] == 'maxCharacterClasses') {
                 if ($stats['uniqueClasses'] > $rule['value']) {
                     $fail[] = $rule['failuremsg'];
                 }
             } else {
                 if ($rule['rule'] == 'minPasswordLength') {
                     if ($stats['count'][0] < $rule['value']) {
                         $fail[] = $rule['failuremsg'];
                     }
                 } else {
                     if ($rule['rule'] == 'maxPasswordLength') {
                         if ($stats['count'][0] > $rule['value']) {
                             $fail[] = $rule['failuremsg'];
                         }
                     } else {
                         if ($rule['rule'] == 'maxClassCharacters') {
                             if (empty($rule['class'])) {
                                 continue;
                             }
                             $class = $rule['class'];
                             if (empty($stats['count'][$class])) {
                                 $stats['count'][$class] = 0;
                             }
                             if ($stats['count'][$class] > $rule['value']) {
                                 $fail[] = $rule['failuremsg'];
                             }
                         } else {
                             if ($rule['rule'] == 'minClassCharacters') {
                                 if (empty($rule['class'])) {
                                     continue;
                                 }
                                 $class = $rule['class'];
                                 if (empty($stats['count'][$class])) {
                                     $stats['count'][$class] = 0;
                                 }
                                 if ($stats['count'][$class] < $rule['value']) {
                                     $fail[] = $rule['failuremsg'];
                                 }
                             } else {
                                 if ($rule['rule'] == 'minUniqueCharacters') {
                                     if ($stats['uniqueCharacters'] < $rule['value']) {
                                         $fail[] = $rule['failuremsg'];
                                     }
                                 } else {
                                     if ($rule['rule'] == 'notBlacklisted') {
                                         if (Blacklist::basedOnBlackList($password)) {
                                             $fail[] = $rule['failuremsg'];
                                         }
                                     } else {
                                         if ($rule['rule'] == 'notNameBased') {
                                             if ($name == null) {
                                                 if (is_numeric($user)) {
                                                     $xuser = User::oneOrNew($user);
                                                 } else {
                                                     $xuser = User::oneByUsername($user);
                                                 }
                                                 if (!is_object($xuser)) {
                                                     continue;
                                                 }
                                                 $givenName = $xuser->get('givenName');
                                                 $middleName = $xuser->get('middleName');
                                                 $surname = $xuser->get('surname');
                                                 $name = $givenName;
                                                 if (!empty($middleName)) {
                                                     if (empty($name)) {
                                                         $name = $middleName;
                                                     } else {
                                                         $name .= ' ' . $middleName;
                                                     }
                                                 }
                                                 if (!empty($surname)) {
                                                     if (empty($name)) {
                                                         $name = $surname;
                                                     } else {
                                                         $name .= ' ' . $surname;
                                                     }
                                                 }
                                             }
                                             if (self::isBasedOnName($password, $name)) {
                                                 $fail[] = $rule['failuremsg'];
                                             }
                                         } else {
                                             if ($rule['rule'] == 'notUsernameBased') {
                                                 if (is_numeric($user)) {
                                                     $xuser = User::oneOrNew($user);
                                                     if (!is_object($xuser)) {
                                                         continue;
                                                     }
                                                     $user = $xuser->get('username');
                                                 }
                                                 if (self::isBasedOnUsername($password, $user)) {
                                                     $fail[] = $rule['failuremsg'];
                                                 }
                                             } else {
                                                 if ($rule['rule'] == 'notReused') {
                                                     $date = new \DateTime('now');
                                                     $date->modify("-" . $rule['value'] . "day");
                                                     $phist = History::getInstance($user);
                                                     if (!is_object($phist)) {
                                                         continue;
                                                     }
                                                     if ($phist->exists($password, $date->format("Y-m-d H:i:s"))) {
                                                         $fail[] = $rule['failuremsg'];
                                                     }
                                                 } else {
                                                     if ($rule['rule'] == 'notRepeat') {
                                                         if (Password::passwordMatches($user, $password, true)) {
                                                             $fail[] = $rule['failuremsg'];
                                                         }
                                                     } else {
                                                         if ($rule['rule'] === 'true') {
                                                         } else {
                                                             if ($rule['rule'] == 'notStale') {
                                                             } else {
                                                                 $fail[] = $rule['failuremsg'];
                                                             }
                                                         }
                                                     }
                                                 }
                                             }
                                         }
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
     if (empty($fail)) {
         $fail = array();
     }
     return $fail;
 }