From 359e941731104cd989739d789f476590011eb518 Mon Sep 17 00:00:00 2001
From: Christopher Smith <chris@jalakai.co.uk>
Date: Sat, 15 Feb 2014 21:00:50 +0000
Subject: [PATCH] add password confirmation field when setting password in the
 usermanager

---
 lib/plugins/usermanager/admin.php        | 54 +++++++++++++++++++++---
 lib/plugins/usermanager/lang/en/lang.php |  3 ++
 2 files changed, 50 insertions(+), 7 deletions(-)

diff --git a/lib/plugins/usermanager/admin.php b/lib/plugins/usermanager/admin.php
index 4b94440b0..faa4b8d31 100644
--- a/lib/plugins/usermanager/admin.php
+++ b/lib/plugins/usermanager/admin.php
@@ -299,6 +299,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
 
         $this->_htmlInputField($cmd."_userid",    "userid",    $this->lang["user_id"],    $user,  $this->_auth->canDo("modLogin"), $indent+6);
         $this->_htmlInputField($cmd."_userpass",  "userpass",  $this->lang["user_pass"],  "",     $this->_auth->canDo("modPass"),  $indent+6);
+        $this->_htmlInputField($cmd."_userpass2", "userpass2", $this->lang["user_passconfirm"], "", $this->_auth->canDo("modPass"), $indent+6);
         $this->_htmlInputField($cmd."_username",  "username",  $this->lang["user_name"],  $name,  $this->_auth->canDo("modName"),  $indent+6);
         $this->_htmlInputField($cmd."_usermail",  "usermail",  $this->lang["user_mail"],  $mail,  $this->_auth->canDo("modMail"),  $indent+6);
         $this->_htmlInputField($cmd."_usergroups","usergroups",$this->lang["user_groups"],$groups,$this->_auth->canDo("modGroups"),$indent+6);
@@ -358,7 +359,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
         $class = $cando ? '' : ' class="disabled"';
         echo str_pad('',$indent);
 
-        if($name == 'userpass'){
+        if($name == 'userpass' || $name == 'userpass2'){
             $fieldtype = 'password';
             $autocomp  = 'autocomplete="off"';
         }elseif($name == 'usermail'){
@@ -475,7 +476,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
         if (!checkSecurityToken()) return false;
         if (!$this->_auth->canDo('addUser')) return false;
 
-        list($user,$pass,$name,$mail,$grps) = $this->_retrieveUser();
+        list($user,$pass,$name,$mail,$grps,$passconfirm) = $this->_retrieveUser();
         if (empty($user)) return false;
 
         if ($this->_auth->canDo('modPass')){
@@ -486,6 +487,10 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
                     msg($this->lang['add_fail'], -1);
                     return false;
                 }
+            } else {
+                if (!$this->_verifyPassword($pass,$passconfirm)) {
+                    return false;
+                }
             }
         } else {
             if (!empty($pass)){
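Review bot: The added `} else { if (!$this->_verifyPassword($pass,$passconfirm)) { return false; } }` nests a lone `if` inside an `else`, which reads as an extra level for what is a single alternative; `} elseif (!$this->_verifyPassword($pass,$passconfirm)) { return false; }` says the same thing flat. The surrounding `if (empty($pass))` test and the rest of `_addUser` lie outside this hunk, so I am inferring the outer branch shape from the `add_fail` lines above.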
@@ -606,7 +611,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
         $oldinfo = $this->_auth->getUserData($olduser);
 
         // get new user data subject to change
-        list($newuser,$newpass,$newname,$newmail,$newgrps) = $this->_retrieveUser();
+        list($newuser,$newpass,$newname,$newmail,$newgrps,$passconfirm) = $this->_retrieveUser();
         if (empty($newuser)) return false;
 
         $changes = array();
@@ -625,10 +630,19 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
                 $changes['user'] = $newuser;
             }
         }
-
-        // generate password if left empty and notification is on
-        if($INPUT->has('usernotify') && empty($newpass)){
-            $newpass = auth_pwgen($olduser);
+        if ($this->_auth->canDo('modPass')) {
+            if ($newpass || $confirm) {
+                if ($this->_verifyPassword($newpass,$passconfirm)) {
+                    $changes['pass'] = $newpass;
+                } else {
+                    return false;
+                }
+            } else {
+                // no new password supplied, check if we need to generate one (or it stays unchanged)
+                if ($INPUT->has('usernotify')) {
+                    $changes['pass'] = auth_pwgen($olduser);
+                }
+            }
         }
 
         if (!empty($newname) && $this->_auth->canDo('modName') && $newname != $oldinfo['name']) {
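Review bot: `$confirm` in `if ($newpass || $confirm) {` is never assigned in this function — the value from `_retrieveUser()` is bound to `$passconfirm` a few lines above — so it evaluates to null (with an undefined-variable notice) and the test degrades to `if ($newpass)`. A submission where only the confirmation box is filled therefore bypasses `_verifyPassword` entirely, and with `usernotify` set a generated password is stored instead of the mismatch being reported; the line should read `if ($newpass || $passconfirm) {`. Both operands are also tested by truthiness, so a password of `'0'` counts as absent; `$newpass !== '' || $passconfirm !== ''` is stricter if `_retrieveUser()` always yields strings, which the `$INPUT->str()` calls suggest but the hunk does not show. `_modifyUser` starts and ends outside this hunk.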
@@ -686,6 +700,31 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
         return $sent;
     }
 
+    /**
+     * Verify password meets minimum requirements
+     * :TODO: extend to support password strength
+     *
+     * @param string  $password   candidate string for new password
+     * @param string  $confirm    repeated password for confirmation
+     * @return bool   true if meets requirements, false otherwise
+     */
+    protected function _verifyPassword($password, $confirm) {
+
+        if (empty($password)) {
+            return false;
+        }
+
+        if ($password !== $confirm) {
+            msg($this->lang['pass_confirm_fail'], -1);
+            return false;
+        }
+
+        // :TODO: test password for required strength
+
+        // if we make it this far the password is good
+        return true;
+    }
+
     /**
      * Retrieve & clean user data from the form
      *
@@ -702,6 +741,7 @@ class admin_plugin_usermanager extends DokuWiki_Admin_Plugin {
         $user[2] = $INPUT->str('username');
         $user[3] = $INPUT->str('usermail');
         $user[4] = explode(',',$INPUT->str('usergroups'));
+        $user[5] = $INPUT->str('userpass2');                // repeated password for confirmation
 
         $user[4] = array_map('trim',$user[4]);
         if($clean) $user[4] = array_map(array($auth,'cleanGroup'),$user[4]);
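Review bot: `$user[5] = $INPUT->str('userpass2');` extends the array returned by `_retrieveUser()`, but the method's docblock (it begins above this hunk, at the `Retrieve & clean user data from the form` comment) is not touched by the patch; its return description should list the confirmation password as index 5 so callers destructuring with `list()` know the new arity — something like `@return array (user, pass, name, mail, groups, passconfirm)`, adapted to the existing wording. Unlike the groups field the confirmation value receives no cleaning, which is appropriate since it is only compared against the submitted password; a short comment saying so, e.g. `// not cleaned: only compared with the password field`, would mark that as intentional. `_retrieveUser` starts and ends outside this hunk.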
diff --git a/lib/plugins/usermanager/lang/en/lang.php b/lib/plugins/usermanager/lang/en/lang.php
index f87c77afb..c18b5d684 100644
--- a/lib/plugins/usermanager/lang/en/lang.php
+++ b/lib/plugins/usermanager/lang/en/lang.php
@@ -76,4 +76,7 @@ $lang['import_error_create']  = 'Unable to create the user';
 $lang['import_notify_fail']   = 'Notification message could not be sent for imported user, %s with email %s.';
 $lang['import_downloadfailures'] = 'Download Failures as CSV for correction';
 
+// added 2014-02
+$lang['user_passconfirm'] = 'Confirm Password';
+$lang['pass_confirm_fail'] = 'Passwords do not match';
 
-- 
GitLab