summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG1
-rw-r--r--plugins/password/config.inc.php.dist11
-rw-r--r--plugins/password/localization/en_US.inc2
-rw-r--r--plugins/password/localization/pl_PL.inc2
-rw-r--r--plugins/password/password.php13
5 files changed, 26 insertions, 3 deletions
diff --git a/CHANGELOG b/CHANGELOG
index e2fcf8e92..7dd9f224b 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail
===========================
+- Password: added password strength options (#1486062)
- Fix LDAP partial result warning (#1485536)
- Fix delete in message view deletes permanently with flag_for_deletion=true (#1486101)
- Use faster/secure mt_rand() (#1486094)
diff --git a/plugins/password/config.inc.php.dist b/plugins/password/config.inc.php.dist
index f526c7f3f..3950afca5 100644
--- a/plugins/password/config.inc.php.dist
+++ b/plugins/password/config.inc.php.dist
@@ -9,6 +9,14 @@ $rcmail_config['password_driver'] = 'sql';
// Default: false.
$rcmail_config['password_confirm_current'] = true;
+// Require the new password to be a certain length.
+// set to blank to allow passwords of any length
+$rcmail_config['password_minimum_length'] = 0;
+
+// Require the new password to contain a letter and punctuation character
+// Change to false to remove this check.
+$rcmail_config['password_require_nonalpha'] = false;
+
// SQL Driver options
// ------------------
@@ -134,8 +142,7 @@ $rcmail_config['password_ldap_force_replace'] = true;
// DirectAdmin Driver options
// --------------------------
// The host which changes the password
-// Use 'ssl://serverip' instead of 'tcp://serverip' when running DirectAdmin over SSL.
-$rcmail_config['password_directadmin_host'] = 'tcp://localhost';
+$rcmail_config['password_directadmin_host'] = 'localhost';
// TCP port used for DirectAdmin connections
$rcmail_config['password_directadmin_port'] = 2222;
diff --git a/plugins/password/localization/en_US.inc b/plugins/password/localization/en_US.inc
index 6c64cc04d..75fe8618f 100644
--- a/plugins/password/localization/en_US.inc
+++ b/plugins/password/localization/en_US.inc
@@ -14,5 +14,7 @@ $messages['passwordinconsistency'] = 'Passwords do not match, please try again.'
$messages['crypterror'] = 'Could not save new password. Encrypt function missing.';
$messages['connecterror'] = 'Could not save new password. Connection error.';
$messages['internalerror'] = 'Could not save new password.';
+$messages['passwordshort'] = 'Your password must be at least $length characters long.';
+$messages['passwordweak'] = 'Your new password must include at least one number and one punctuation character.';
?>
diff --git a/plugins/password/localization/pl_PL.inc b/plugins/password/localization/pl_PL.inc
index 4520d7966..774437a28 100644
--- a/plugins/password/localization/pl_PL.inc
+++ b/plugins/password/localization/pl_PL.inc
@@ -14,5 +14,7 @@ $messages['passwordinconsistency'] = 'Hasła nie pasują, spróbuj ponownie.';
$messages['crypterror'] = 'Nie udało się zapisać nowego hasła. Brak funkcji kodującej.';
$messages['connecterror'] = 'Nie udało się zapisać nowego hasła. Błąd połączenia.';
$messages['internalerror'] = 'Nie udało się zapisać nowego hasła.';
+$messages['passwordshort'] = 'Hasło musi posiadać co najmniej $length znaków.';
+$messages['passwordweak'] = 'Hasło musi zawierać co najmniej jedną cyfrę i znak interpunkcyjny.';
?>
diff --git a/plugins/password/password.php b/plugins/password/password.php
index 0e5e1efff..3a7050bdc 100644
--- a/plugins/password/password.php
+++ b/plugins/password/password.php
@@ -79,16 +79,27 @@ class password extends rcube_plugin
$rcmail->output->set_pagetitle($this->gettext('changepasswd'));
$confirm = $rcmail->config->get('password_confirm_current');
+ $required_length = intval($rcmail->config->get('password_minimum_length'));
+ $check_strength = $rcmail->config->get('password_require_nonalpha');
if (($confirm && !isset($_POST['_curpasswd'])) || !isset($_POST['_newpasswd'])) {
$rcmail->output->command('display_message', $this->gettext('nopassword'), 'error');
}
else {
+
$curpwd = get_input_value('_curpasswd', RCUBE_INPUT_POST);
$newpwd = get_input_value('_newpasswd', RCUBE_INPUT_POST);
- if ($confirm && $rcmail->decrypt($_SESSION['password']) != $curpwd)
+ if ($confirm && $rcmail->decrypt($_SESSION['password']) != $curpwd) {
$rcmail->output->command('display_message', $this->gettext('passwordincorrect'), 'error');
+ }
+ else if ($required_length && strlen($newpwd) < $required_length) {
+ $rcmail->output->command('display_message', $this->gettext(
+ array('name' => 'passwordshort', 'vars' => array('length' => $required_length))), 'error');
+ }
+ else if ($check_strength && (!preg_match("/[0-9]/", $newpwd) || !preg_match("/[^A-Za-z0-9]/", $newpwd))) {
+ $rcmail->output->command('display_message', $this->gettext('passwordweak'), 'error');
+ }
else if (!($res = $this->_save($curpwd,$newpwd))) {
$rcmail->output->command('display_message', $this->gettext('successfullysaved'), 'confirmation');
$_SESSION['password'] = $rcmail->encrypt($newpwd);