Merge 5061949f94 into f518e5e8c0

src/mibew/libs/config.php

@@ -56,4 +56,6 @@ $default_locale = "en"; /* if user does not provide known lang */
  */
 $use_open_basedir_protection = false;
 
+require_once('password-policy.php');
+
 ?>

src/mibew/libs/password-policy.php

@@ -0,0 +1,29 @@
+<?php
+
+/*
+ * You can set this to a different value.
+ * See http://www.php.net/manual/en/language.types.callable.php
+ */
+$password_policy = 'standard_password_policy';
+
+function standard_password_policy ($pwd) {
+	if (strlen($pwd) < 8) {
+		return false;
+	}
+	if (strlen($pwd) >= 16) {
+		return true;
+	}
+	
+	$character_classes = 0;
+	if (preg_match('/[A-Z]/', $pwd)) $character_classes++;
+	if (preg_match('/[a-z]/', $pwd)) $character_classes++;
+	if (preg_match('/[0-9]/', $pwd)) $character_classes++;
+	if (preg_match('/[^A-Za-z0-9]/', $pwd)) $character_classes++;
+	
+	if ($character_classes >= 3) {
+		return true;
+	}
+	return false;
+}
+
+?>

src/mibew/locales/en/properties

@@ -248,6 +248,7 @@ menu.translate=Localize
 menu.updates.content=Check for news and updates.
 menu.updates=Updates
 my_settings.error.password_match=Entered passwords do not match
+my_settings.error.password_policy=Password is too simple
 no_such_operator=No such Operator
 notification.back_to_list=Back to the list
 notification.intro=Contents of sent notification.

src/mibew/operator/operator.php

@@ -83,6 +83,11 @@ if ((isset($_POST['opid']) || isset($_POST['login'])) && isset($_POST['password'
 
 	if ($password != $passwordConfirm)
 		$errors[] = getlocal("my_settings.error.password_match");
+	
+	if ($password_policy) {
+		if (!call_user_func($password_policy, $password))
+			$errors[] = getlocal("my_settings.error.password_policy");
+	}
 
 	$existing_operator = operator_by_login($login);
 	if ((!$opId && $existing_operator) ||
@@ -161,4 +166,4 @@ prepare_menu($operator);
 setup_operator_settings_tabs($opId, 0);
 start_html_output();
 require('../view/agent.php');
-?>
+?>