Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/engine/PhabricatorAuthPasswordEngine.php
| Context not available. | |||||
| $raw_password = $password->openEnvelope(); | $raw_password = $password->openEnvelope(); | ||||
| if (!strlen($raw_password)) { | if (!@strlen($raw_password)) { | ||||
| if ($can_skip) { | if ($can_skip) { | ||||
| throw new PhabricatorAuthPasswordException( | throw new PhabricatorAuthPasswordException( | ||||
| pht('You must choose a password or skip this step.'), | pht('You must choose a password or skip this step.'), | ||||
| Context not available. | |||||
| $min_len = PhabricatorEnv::getEnvConfig('account.minimum-password-length'); | $min_len = PhabricatorEnv::getEnvConfig('account.minimum-password-length'); | ||||
| $min_len = (int)$min_len; | $min_len = (int)$min_len; | ||||
| if ($min_len) { | if ($min_len) { | ||||
| if (strlen($raw_password) < $min_len) { | if (@strlen($raw_password) < $min_len) { | ||||
| throw new PhabricatorAuthPasswordException( | throw new PhabricatorAuthPasswordException( | ||||
| pht( | pht( | ||||
| 'The selected password is too short. Passwords must be a minimum '. | 'The selected password is too short. Passwords must be a minimum '. | ||||
| Context not available. | |||||
| $raw_confirm = $confirm->openEnvelope(); | $raw_confirm = $confirm->openEnvelope(); | ||||
| if (!strlen($raw_confirm)) { | if (!@strlen($raw_confirm)) { | ||||
| throw new PhabricatorAuthPasswordException( | throw new PhabricatorAuthPasswordException( | ||||
| pht('You must confirm the selected password.'), | pht('You must confirm the selected password.'), | ||||
| null, | null, | ||||
| Context not available. | |||||
| // Skip very short terms: it's okay if your password has the substring | // Skip very short terms: it's okay if your password has the substring | ||||
| // "com" in it somewhere even if the install is on "mycompany.com". | // "com" in it somewhere even if the install is on "mycompany.com". | ||||
| foreach ($terms_map as $term => $source) { | foreach ($terms_map as $term => $source) { | ||||
| if (strlen($term) < $minimum_similarity) { | if (@strlen($term) < $minimum_similarity) { | ||||
| unset($terms_map[$term]); | unset($terms_map[$term]); | ||||
| } | } | ||||
| } | } | ||||
| Context not available. | |||||
| // Finally, make sure that none of the terms appear in the password, | // Finally, make sure that none of the terms appear in the password, | ||||
| // and that the password does not appear in any of the terms. | // and that the password does not appear in any of the terms. | ||||
| $normal_password = phutil_utf8_strtolower($raw_password); | $normal_password = phutil_utf8_strtolower($raw_password); | ||||
| if (strlen($normal_password) >= $minimum_similarity) { | if (@strlen($normal_password) >= $minimum_similarity) { | ||||
| foreach ($normal_map as $term => $source) { | foreach ($normal_map as $term => $source) { | ||||
| // See T2312. This may be required if the term list includes numeric | // See T2312. This may be required if the term list includes numeric | ||||
| Context not available. | |||||
| // array keys. | // array keys. | ||||
| $term = phutil_string_cast($term); | $term = phutil_string_cast($term); | ||||
| if (strpos($term, $normal_password) === false && | if (@strpos($term, $normal_password) === false && | ||||
| strpos($normal_password, $term) === false) { | @strpos($normal_password, $term) === false) { | ||||
| continue; | continue; | ||||
| } | } | ||||
| Context not available. | |||||
Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under Apache 2.0 or other open source licenses. · CC BY-SA 4.0 · Apache 2.0