checkPasswordSimilarity() public static method

Checks whether a password is too similar to a dictionary of strings.
public static checkPasswordSimilarity ( string $password, array $dict, float $max = 80 )
$password string A password.
$dict array A dictionary to check for similarity, for example the user name or an old password.
$max float The maximum allowed similarity in percent.
Horde_Auth Class Documentation
示例#1
0
 /**
  * @param string $backend_key  Backend key.
  */
 private function _changePassword($backend_key)
 {
     global $conf, $injector, $notification, $registry;
     // Check for users that cannot change their passwords.
     if (in_array($this->_userid, $conf['user']['refused'])) {
         $notification->push(sprintf(_("You can't change password for user %s"), $userid), 'horde.error');
         return;
     }
     // We must be passed the old (current) password.
     if (!isset($this->_vars->oldpassword)) {
         $notification->push(_("You must give your current password"), 'horde.warning');
         return;
     }
     if (!isset($this->_vars->newpassword0)) {
         $notification->push(_("You must give your new password"), 'horde.warning');
         return;
     }
     if (!isset($this->_vars->newpassword1)) {
         $notification->push(_("You must verify your new password"), 'horde.warning');
         return;
     }
     if ($this->_vars->newpassword0 != $this->_vars->newpassword1) {
         $notification->push(_("Your new passwords didn't match"), 'horde.warning');
         return;
     }
     if ($this->_vars->newpassword0 == $this->_vars->oldpassword) {
         $notification->push(_("Your new password must be different from your current password"), 'horde.warning');
         return;
     }
     $b_ptr = $this->_backends[$backend_key];
     try {
         Horde_Auth::checkPasswordPolicy($this->_vars->newpassword0, isset($b_ptr['policy']) ? $b_ptr['policy'] : array());
     } catch (Horde_Auth_Exception $e) {
         $notification->push($e, 'horde.warning');
         return;
     }
     // Do some simple strength tests, if enabled in the config file.
     if (!empty($conf['password']['strengthtests'])) {
         try {
             Horde_Auth::checkPasswordSimilarity($this->_vars->newpassword0, array($this->_userid, $this->_vars->oldpassword));
         } catch (Horde_Auth_Exception $e) {
             $notification->push($e, 'horde.warning');
             return;
         }
     }
     try {
         $driver = $injector->getInstance('Passwd_Factory_Driver')->create($backend_key);
     } catch (Passwd_Exception $e) {
         Horde::log($e);
         $notification->push(_("Password module is not properly configured"), 'horde.error');
         return;
     }
     try {
         $driver->changePassword($this->_userid, $this->_vars->oldpassword, $this->_vars->newpassword0);
     } catch (Exception $e) {
         $notification->push(sprintf(_("Failure in changing password for %s: %s"), $b_ptr['name'], $e->getMessage()), 'horde.error');
         return;
     }
     $notification->push(sprintf(_("Password changed on %s."), $b_ptr['name']), 'horde.success');
     try {
         Horde::callHook('password_changed', array($this->_userid, $this->_vars->oldpassword, $this->_vars->newpassword0), 'passwd');
     } catch (Horde_Exception_HookNotSet $e) {
     }
     if (!empty($b_ptr['logout'])) {
         $logout_url = $registry->getLogoutUrl(array('msg' => _("Your password has been succesfully changed. You need to re-login to the system with your new password."), 'reason' => Horde_Auth::REASON_MESSAGE));
         $registry->clearAuth();
         $logout_url->redirect();
     }
     if ($this->_vars->return_to) {
         $url = new Horde_Url($return_to);
         $url->redirect();
     }
 }