diff --git a/install/tpl/system.ini.master b/install/tpl/system.ini.master index 1f305dde81b6c91c0db1269d0e0eeabd7f497341..2b1a6d740cf78ca71bc91fcb089e8bb077b2e0a9 100644 --- a/install/tpl/system.ini.master +++ b/install/tpl/system.ini.master @@ -51,3 +51,5 @@ customer_no_start=1 customer_no_counter=0 session_timeout=0 session_allow_endless=0 +min_password_length=5 +min_password_strength=0 diff --git a/interface/lib/classes/validate_password.inc.php b/interface/lib/classes/validate_password.inc.php new file mode 100644 index 0000000000000000000000000000000000000000..961963743a7a0d90c85bde0a7b7fdc9ba30f4961 --- /dev/null +++ b/interface/lib/classes/validate_password.inc.php @@ -0,0 +1,121 @@ +,<" ]/', $password)) { + $points += 1; + } + + if ($points == 0) { + if ($length >= 5 && $length <= 6) { + return 1; + } else if ($length >= 7 && $length <= 8) { + return 2; + } else { + return 3; + } + } else if ($points == 1) { + if ($length >= 5 && $length <= 6) { + return 2; + } else if (length >= 7 && length <=10) { + return 3; + } else { + return 4; + } + } else if ($points == 2) { + if ($length >= 5 && $length <= 8) { + return 3; + } else if ($length >= 9 && $length <= 10) { + return 4; + } else { + return 5; + } + } else if ($points == 3) { + if ($length >= 5 && $length <= 6) { + return 3; + } else if ($length >= 7 && $length <= 8) { + return 4; + } else { + return 5; + } + } else if ($points >= 4) { + if ($length >= 5 && $length <= 6) { + return 4; + } else { + return 5; + } + } + + } + + /* Validator function */ + function password_check($field_name, $field_value, $validator) { + global $app; + + $app->uses('ini_parser,getconf'); + $server_config_array = $app->getconf->get_global_config(); + + $min_password_strength = 0; + $min_password_length = 5; + if(isset($server_config_array['misc']['min_password_length'])) $min_password_length = $server_config_array['misc']['min_password_length']; + if(isset($server_config_array['misc']['min_password_strength'])) $min_password_strength = $server_config_array['misc']['min_password_strength']; + + if($min_password_strength > 0) { + $lng_text = $app->lng('weak_password_txt'); + $lng_text = str_replace(array('{chars}', '{strength}'), array($min_password_length, $app->lng('strength_' . $min_password_strength)), $lng_text); + } else { + $lng_text = $app->lng('weak_password_length_txt'); + $lng_text = str_replace('{chars}', $min_password_length, $lng_text); + } + if(!$lng_text) $lng_text = 'weak_password_txt'; // always return a string, even if language is missing - otherwise validator is NOT MATCHING! + + if(strlen($field_value) < $min_password_length) return $lng_text; + if($this->_get_password_strength($field_value) < $min_password_strength) return $lng_text; + + return false; + } +} diff --git a/interface/lib/lang/de.lng b/interface/lib/lang/de.lng index 91300ea76067b1eeda84a925e85e05b0250c2d05..920e2cea6e511cae47eeffefead0512e3c0e6e8d 100644 --- a/interface/lib/lang/de.lng +++ b/interface/lib/lang/de.lng @@ -139,4 +139,12 @@ $wb['gender_f_txt'] = 'Frau'; $wb['client_cannot_be_deleted_because_of_billing_module_txt'] = 'Für den Kunden existieren Einträge im Billing-Modul, daher kann er nicht gelöscht werden.'; $wb['yes_txt'] = 'Ja'; $wb['no_txt'] = 'Nein'; +$wb['None'] = 'Keine'; +$wb['strength_1'] = 'Leicht'; +$wb['strength_2'] = 'Mittel'; +$wb['strength_3'] = 'Gut'; +$wb['strength_4'] = 'Stark'; +$wb['strength_5'] = 'Sehr stark'; +$wb['weak_password_txt'] = 'Das gewählte Passwort erfüllt die Sicherheitsanforderungen nicht. Es muss mindestens {chars} Zeichen lang sein und die Stärke "{strength}" besitzen.'; +$wb['weak_password_length_txt'] = 'Das gewählte Passwort erfüllt die Sicherheitsanforderungen nicht. Es muss mindestens {chars} Zeichen lang sein.'; ?> \ No newline at end of file diff --git a/interface/lib/lang/en.lng b/interface/lib/lang/en.lng index a8939b997a97031656f09245269443bb512f9b9a..ec309d9f850adf2f1540598fda4ab7c366067569 100644 --- a/interface/lib/lang/en.lng +++ b/interface/lib/lang/en.lng @@ -141,4 +141,13 @@ $wb['gender_f_txt'] = 'Ms.'; $wb['client_cannot_be_deleted_because_of_billing_module_txt'] = 'This client has records in the billing module, therefore he cannot be deleted.'; $wb['yes_txt'] = 'Yes'; $wb['no_txt'] = 'No'; +$wb['None'] = 'None'; +$wb['strength_1'] = 'Weak'; +$wb['strength_2'] = 'Fair'; +$wb['strength_3'] = 'Good'; +$wb['strength_4'] = 'Strong'; +$wb['strength_5'] = 'Very Strong'; +$wb['weak_password_txt'] = 'The chosen password does not match the security guidelines. It has to be at least {chars} chars in length and have a strength of "{strength}".'; +$wb['weak_password_length_txt'] = 'The chosen password does not match the security guidelines. It has to be at least {chars} chars in length.'; + ?> diff --git a/interface/web/admin/form/remote_user.tform.php b/interface/web/admin/form/remote_user.tform.php index fd765ce9f632ad051b014cdeb556c923fc18d250..1ab2b0e0d57ec5fb95e6c13497540ea1a320504c 100644 --- a/interface/web/admin/form/remote_user.tform.php +++ b/interface/web/admin/form/remote_user.tform.php @@ -101,6 +101,14 @@ $form["tabs"]['remote_user'] = array ( 'remote_password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption' => 'MD5', 'default' => '', 'value' => '', diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php index 8d7008f804e70b0e301aadf3acc253b256419c29..60545342264fc65d72c11c547e9608c92fa43dc2 100644 --- a/interface/web/admin/form/system_config.tform.php +++ b/interface/web/admin/form/system_config.tform.php @@ -487,6 +487,20 @@ $form["tabs"]['misc'] = array ( 'default' => 'n', 'value' => array(0 => 'n', 1 => 'y') ), + 'min_password_length' => array( + 'datatype' => 'INTEGER', + 'formtype' => 'TEXT', + 'default' => '5', + 'value' => '', + 'width' => '30', + 'maxlength' => '255' + ), + 'min_password_strength' => array( + 'datatype' => 'VARCHAR', + 'formtype' => 'SELECT', + 'default' => '', + 'value' => array('' => 'None', '1' => 'strength_1', '2' => 'strength_2', '3' => 'strength_3', '4' => 'strength_4', '5' => 'strength_5') + ) //################################# // ENDE Datatable fields //################################# diff --git a/interface/web/admin/form/users.tform.php b/interface/web/admin/form/users.tform.php index 06f07c07e977c6024e89786bd312513805c60b85..9ee2970df51bac402529b9c794579918bf678bf9 100644 --- a/interface/web/admin/form/users.tform.php +++ b/interface/web/admin/form/users.tform.php @@ -164,6 +164,14 @@ $form['tabs']['users'] = array ( 'passwort' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption' => 'CRYPT', 'regex' => '', 'errmsg' => '', diff --git a/interface/web/admin/lib/lang/de_system_config.lng b/interface/web/admin/lib/lang/de_system_config.lng index f4103d57a29f318ce4d020751107b81fc1f6d3e1..9c978216b6af3168b555f2e3bc5fcf161ba5cc90 100644 --- a/interface/web/admin/lib/lang/de_system_config.lng +++ b/interface/web/admin/lib/lang/de_system_config.lng @@ -66,4 +66,6 @@ $wb['customer_no_counter_txt'] = 'Kundennummer Zähler'; $wb['session_timeout_txt'] = 'Session-Timeout (Minuten)'; $wb['session_allow_endless_txt'] = '"Eingeloggt bleiben" aktivieren'; $wb['No'] = 'Nein'; +$wb['min_password_length_txt'] = 'Minimale Passwortlänge'; +$wb['min_password_strength_txt'] = 'Minimale Passwortstärke'; ?> \ No newline at end of file diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng index d78478e21e1dae07cc531dbc48874710ea7fa9ff..f0e01936ac6569cb2b1d27456d583bb5538f66bb 100644 --- a/interface/web/admin/lib/lang/en_system_config.lng +++ b/interface/web/admin/lib/lang/en_system_config.lng @@ -66,4 +66,6 @@ $wb['customer_no_counter_txt'] = 'Customer No. counter'; $wb['session_timeout_txt'] = 'Session timeout (minutes)'; $wb['session_allow_endless_txt'] = 'Enable "stay logged in"'; $wb['No'] = 'No'; +$wb['min_password_length_txt'] = 'Minimum password length'; +$wb['min_password_strength_txt'] = 'Minimum password strength'; ?> diff --git a/interface/web/admin/templates/system_config_misc_edit.htm b/interface/web/admin/templates/system_config_misc_edit.htm index ea9844e45a9593601bcc1afe77397d30f1231331..2fd6eef842f08de0de041121169876d41f9e9648 100644 --- a/interface/web/admin/templates/system_config_misc_edit.htm +++ b/interface/web/admin/templates/system_config_misc_edit.htm @@ -90,6 +90,16 @@
{tmpl_var name='session_allow_endless'}
+ +
+ + +
+
+ +

{tmpl_var name='maintenance_mode_txt'}

diff --git a/interface/web/client/form/client.tform.php b/interface/web/client/form/client.tform.php index 41e49b656bf25f9d716a1396f3b4ea0f9a7a905f..623f92eafcb9e22e1b549e1038ecc2dc9dc1198c 100644 --- a/interface/web/client/form/client.tform.php +++ b/interface/web/client/form/client.tform.php @@ -166,6 +166,14 @@ $form["tabs"]['address'] = array ( 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption'=> 'CRYPT', 'default' => '', 'value' => '', diff --git a/interface/web/client/form/reseller.tform.php b/interface/web/client/form/reseller.tform.php index a37210990618db097a2ce27d9a7c4ae6ea1d6fa6..99e7c6e08c124e3b81c2380b3d91e7779e40e0fe 100644 --- a/interface/web/client/form/reseller.tform.php +++ b/interface/web/client/form/reseller.tform.php @@ -166,6 +166,14 @@ $form["tabs"]['address'] = array ( 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption'=> 'CRYPT', 'default' => '', 'value' => '', diff --git a/interface/web/js/scrigo.js.php b/interface/web/js/scrigo.js.php index ec7cdb9f8448508f028564671b775f83bf32b55b..be5d44f6404ff8d4efaba69765947f03daa109de 100644 --- a/interface/web/js/scrigo.js.php +++ b/interface/web/js/scrigo.js.php @@ -522,8 +522,13 @@ function keepalive() { } - -var pass_minimum_length = 5; +functions->intval($server_config_array['misc']['min_password_length']); +} +?> +var pass_minimum_length = ; var pass_messages = new Array(); var pass_message = new Array(); diff --git a/interface/web/mail/form/mail_mailinglist.tform.php b/interface/web/mail/form/mail_mailinglist.tform.php index dbd7c0e042245b60a35857b29cb18511c047722f..24c4f003c9ef4f9ebff5f3cc1c4269b13dbcfb11 100644 --- a/interface/web/mail/form/mail_mailinglist.tform.php +++ b/interface/web/mail/form/mail_mailinglist.tform.php @@ -132,6 +132,14 @@ $form["tabs"]['mailinglist'] = array ( 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption'=> 'CLEARTEXT', 'default' => '', 'value' => '', diff --git a/interface/web/mail/form/mail_user.tform.php b/interface/web/mail/form/mail_user.tform.php index 66bc8e3c21ebbb3d7bc286825ac3343af4e8354c..fdfd6a629235bdf408a07782e1259773a2dbe5c4 100644 --- a/interface/web/mail/form/mail_user.tform.php +++ b/interface/web/mail/form/mail_user.tform.php @@ -120,6 +120,14 @@ $form["tabs"]['mailuser'] = array( 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption'=> 'CRYPT', 'default' => '', 'value' => '', diff --git a/interface/web/mailuser/form/mail_user_password.tform.php b/interface/web/mailuser/form/mail_user_password.tform.php index 65cf076e318cc1da4fed753fcc7a57f25b274efb..a11982e284d95c382d77727b3be30ab726f5543d 100644 --- a/interface/web/mailuser/form/mail_user_password.tform.php +++ b/interface/web/mailuser/form/mail_user_password.tform.php @@ -61,6 +61,14 @@ $form["tabs"]['mailuser'] = array ( 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption' => 'CRYPT', 'default' => '', 'value' => '', diff --git a/interface/web/sites/form/database_user.tform.php b/interface/web/sites/form/database_user.tform.php index a270fb1afd5f380e5ce61372ce0e24f322460473..6afb34b9d842aa62b7d922255296578738c0445b 100644 --- a/interface/web/sites/form/database_user.tform.php +++ b/interface/web/sites/form/database_user.tform.php @@ -102,6 +102,14 @@ $form["tabs"]['database_user'] = array ( 'database_password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption' => 'MYSQL', 'default' => '', 'value' => '', diff --git a/interface/web/sites/form/ftp_user.tform.php b/interface/web/sites/form/ftp_user.tform.php index b540ec02676c68c57f06635243f8c047e248ebe9..20e4565ff8e0b7cb03343b477879204068794b7b 100644 --- a/interface/web/sites/form/ftp_user.tform.php +++ b/interface/web/sites/form/ftp_user.tform.php @@ -110,6 +110,14 @@ $form["tabs"]['ftp'] = array ( ), 'password' => array ( 'datatype' => 'VARCHAR', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'formtype' => 'PASSWORD', 'encryption' => 'CRYPT', 'default' => '', diff --git a/interface/web/sites/form/shell_user.tform.php b/interface/web/sites/form/shell_user.tform.php index d9928e6acd068b53d9449ae7f1331cd5dd1fe040..ab7cef1bfa24eaa7509e866181f37ec541cf8e3f 100644 --- a/interface/web/sites/form/shell_user.tform.php +++ b/interface/web/sites/form/shell_user.tform.php @@ -111,6 +111,14 @@ $form["tabs"]['shell'] = array ( 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption' => 'CRYPT', 'default' => '', 'value' => '', diff --git a/interface/web/sites/form/web_domain.tform.php b/interface/web/sites/form/web_domain.tform.php index 59f38b587b93ed18f546e7205132afe3fb0c0d1b..651b64355a77aa10b52bc373ff895b658fd0de71 100644 --- a/interface/web/sites/form/web_domain.tform.php +++ b/interface/web/sites/form/web_domain.tform.php @@ -478,6 +478,14 @@ $form["tabs"]['stats'] = array ( 'stats_password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption' => 'CRYPT', 'default' => '', 'value' => '', diff --git a/interface/web/sites/form/web_folder_user.tform.php b/interface/web/sites/form/web_folder_user.tform.php index 19ca71c1dab3790ed0da7f989a0f43a33c31320e..c3386a5a223812ffffb5d67ca01a853395f3bad9 100644 --- a/interface/web/sites/form/web_folder_user.tform.php +++ b/interface/web/sites/form/web_folder_user.tform.php @@ -98,6 +98,14 @@ $form["tabs"]['user'] = array ( 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption' => 'CRYPT', 'default' => '', 'value' => '', diff --git a/interface/web/sites/form/web_vhost_subdomain.tform.php b/interface/web/sites/form/web_vhost_subdomain.tform.php index 1448a64adb3bae9d3e11e7b45de728b074ab0883..e4ca6a2fd0991a238b8ee3a61f44ccbc8d9bf3be 100644 --- a/interface/web/sites/form/web_vhost_subdomain.tform.php +++ b/interface/web/sites/form/web_vhost_subdomain.tform.php @@ -468,6 +468,14 @@ $form["tabs"]['stats'] = array ( 'stats_password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption' => 'CRYPT', 'default' => '', 'value' => '', diff --git a/interface/web/sites/form/webdav_user.tform.php b/interface/web/sites/form/webdav_user.tform.php index d17f3ed4af389d2d0c88b5f0085be28745974d87..a1bfd3056d6a7479e20034bbeb913db30849d0a1 100644 --- a/interface/web/sites/form/webdav_user.tform.php +++ b/interface/web/sites/form/webdav_user.tform.php @@ -104,6 +104,14 @@ $form["tabs"]['webdav'] = array ( 'password' => array ( 'datatype' => 'VARCHAR', 'encryption' => 'CLEARTEXT', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'formtype' => 'PASSWORD', 'default' => '', 'value' => '', diff --git a/interface/web/tools/form/user_settings.tform.php b/interface/web/tools/form/user_settings.tform.php index 4ceda5843499bd05c09cd67957c39a22c234b3a6..f3ad5a2d3d3b1362cb72de062092ac75f5831a83 100644 --- a/interface/web/tools/form/user_settings.tform.php +++ b/interface/web/tools/form/user_settings.tform.php @@ -104,6 +104,14 @@ $form['tabs']['users'] = array ( 'passwort' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', + 'validators' => array( + 0 => array( + 'type' => 'CUSTOM', + 'class' => 'validate_password', + 'function' => 'password_check', + 'errmsg' => 'weak_password_txt' + ) + ), 'encryption'=> 'CRYPT', 'regex' => '', 'errmsg' => '',