Issue #496 has been updated by Clément OUDOT. Status changed from New to Assigned Assigned to set to Clément OUDOT Target version changed from self-service-password-0.8 to self-service-password-?
Set to another release, need OOP code ---------------------------------------- Feature #496: Add rule for local password policy: Maximum number of sequential characters http://tools.lsc-project.org/issues/496 Author: Luiz Fernando Severnini Status: Assigned Priority: Normal Assigned to: Clément OUDOT Category: Self Service Password Target version: self-service-password-? -Usingo OOP style: -Add a class that implements the rule (SequentialCharRule.class.php attached) -Edit the file config/config.inc.php and add setting for the policy, below $pwd_complexity, add: <pre> # Max sequential characters allowed - ascending or descending # example: 1 will allow 'ab' or '12' or 'ba' or '21' to be used in passord # example: 2 will allow 'abc' or '123' or 'cba' or '321' to be used in passord $pw_max_sequential_char = 0; </pre> In password policy array add: <pre> $pw_policy_config = array( ... "pw_max_sequential_char" => $pw_max_sequential_char, ... ); </pre> -Edit the file classes/PasswordPolicy.class.php Change the initializeRules() method: <pre> private function initializeRules() { ... $pw_history = $this->policyConfig['pw_history']; $pw_max_sequential_char = $this->policyConfig['pw_max_sequential_char']; ... //Rules must be chained, the last one will point to NULL if ($pw_max_sequential_char) { $nextRule = new SequentialCharRule($pw_max_sequential_char, $nextRule); $nextRule->setPolicyMessage($this->messages['policyseqchar']); } ... } </pre> Change showPolicy() method and add the code 'seqchar' to regular expression pattern: <pre> public function showPolicy($result) { ... if ($pwd_show_policy === "onerror") { if (!preg_match("/tooshort|toobig|minlower|minupper|mindigit|minspecial|forbiddenchars|sameasold|notcomplex|passwordinhistory|seqchar/", $result)) { return; } } ... } </pre> -Edit the file lang/en.inc.php Below $messages['passwordinhistory'] ... add: <pre> $messages['passwordinhistory'] = "Password has already been used. Choose a new one."; $messages['seqchar'] = "It's not allowed to use sequential char"; </pre> Below $messages['policynoreuse'] ... add: <pre> $messages['policyhistory'] = "The password can't be reused"; $messages['policyseqchar'] = "Maximal of sequential characters: "; </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
