-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathclsPasswdRules.php
More file actions
127 lines (108 loc) · 4.34 KB
/
Copy pathclsPasswdRules.php
File metadata and controls
127 lines (108 loc) · 4.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
<?php
//This class enforces rules for password length and conplexity.
//NOTE: I honestly can't remember whether I wrote this or downloaded it :-(
//It sort of looks like my work and I can't find matching text on Google,
//So I will hope that if I have stolen it, I can be pardoned.
//Assumptions:
//(1) Passwords will never be stored as unencrypted text
// nor returned to the user in any form (lost passwords cannot
// be retrieved; they must be reset for security reasons).
//(2) All password input can be HTML encoded after being checked, so
// any and all non-alphanumeric characters are allowed
//NOTE: HTML encoding changes the length of the password string!
//USAGE:
/*
$myPR=new PasswordRules(false);
$myPR->addRule("min",12,"/\S/","character");
$pw_result=$myPR->checkPassword($_POST['pwd']);
*/
class PasswordRules{
protected $_rules;
function ruleText($row) {
$retval='';
//check: rule type=minimum
if ($this->_rules[$row][1]=="min") {
$showplural = ($this->_rules[$row][2] > 1) ? "s" : "";
$retval="Password must include at least " . $this->_rules[$row][2] . " ". $this->_rules[$row][4] . $showplural . '.';
}
if ($this->_rules[$row][1]=="max") {
$showplural = ($this->_rules[$row][2] > 1) ? "s" : "";
$retval="Password must not include more than " . $this->_rules[$row][2] . " ". $this->_rules[$row][4] . $showplural . '.'; }
return$retval;
}
public function __construct($useDefaults=true) {
//modify this function to turn rules on/off or to change their criteria
if ($useDefaults) {
$this->_rules = array(
//active (1/0), type, value, search pattern, description, satisfied (true/false)
array(1, 'min', 8, '/\S/', 'character', false),
array(1, 'min', 1, '/[A-Z]/', 'upper case letter', false),
array(1, 'min', 1, '/[a-z]/', 'lower case letter', false),
array(1, 'min', 1, '/\d/', 'number', false),
array(1, 'min', 1, '/[^a-zA-Z0-9]/', 'non-alphanumeric character', false),
array(1, 'max', 99, '/\S/', 'character', false)
);
}
}
public function addRule($type,$value,$pattern,$description) {
$index=count($this->_rules);
if ($type=="min") $this->_rules[$index]=array(1,'min',$value,$pattern,$description,false);
if ($type=="max") $this->_rules[$index]=array(1,'max',$value,$pattern,$description,false);
return 1;
}
public function filterPassword($password) {
//This function has no connection to what goes on in the rest of the class!
//It is provided as an example only
$encoded = filter_var($input,FILTER_SANITIZE_ENCODED);
return $encoded;
}
public function checkPassword($password) {
//checks an UNFILTERED password
//return true or false
$errors = false;
//loop through each rule, setting initial value of satisfied=false;
for ($row = 0; $row < count($this->_rules); $row++) {
$this->_rules[$row][5]=false;
//check: rule is active
if ($this->_rules[$row][0]) {
//check: rule type=minimum
if ($this->_rules[$row][1]=='min') {
//match the pattern to the password value
$found= preg_match_all($this->_rules[$row][3],$password);
//compare number of matches to the minimum
if ($found < $this->_rules[$row][2]) {
$errors=true;
} else {$this->_rules[$row][5]=true; }
}
if ($this->_rules[$row][1]=='max') {
//match the pattern to the password value
$found= preg_match_all($this->_rules[$row][3],$password);
//compare number of matches to the maximum
if ($found > $this->_rules[$row][2]) {
$errors=true;
} else {$this->_rules[$row][5]=true; }
}
}
}
return $errors ? false : true;
}
public function showRules() {
//return all rules as an array of HTML strings to be presented to user
//usage: echo (implode('<br>',myPRinstance.showRules()));
$html = array();
//loop through each rule
for ($row = 0; $row < count($this->_rules); $row++) {
//check: rule is active
if ($this->_rules[$row][0]) {
//format the text according to whether the rule is satisfied
//$css_class = ($this->_rules[$row][5]) ? 'passwordrule_satisfied' : 'passwordrule_unsatisfied';
$font_color = ($this->_rules[$row][5]) ? '#000000' : 'FF0000';
//append the html to the array
//$html[$row]='<div class="' . $css_class . '">' . $this->ruleText($row) . '</div>';
$html[$row]='<font color="' . $font_color . '">' . $this->ruleText($row) . '</font>';
}
}
return $html;
}
}
?>