yetangitu/lam
1
0
Fork 0
mirror of https://github.com/LDAPAccountManager/lam.git synced 2025-10-03 09:49:16 +02:00
Code Issues Releases Wiki Activity

#390 password policy for configuration

Browse source
This commit is contained in:
Roland Gruber 2025-01-15 08:02:01 +01:00
parent c0d027e7ad
commit 49e4d19ffb
1 changed files with 16 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

22
lam/templates/config/profmanage.php
View file

@ -79,7 +79,13 @@ if (isset($_POST['action'])) {
// add new profile
elseif ($_POST['action'] == "add") {
// check profile password
if ($_POST['addpassword'] && $_POST['addpassword2'] && ($_POST['addpassword'] == $_POST['addpassword2'])) {
if (empty($_POST['addpassword']) || ($_POST['addpassword'] !== $_POST['addpassword2'])) {
$error = _("Profile passwords are different or empty!");
}
elseif (!isValidConfigurationPassword($_POST['addpassword'])) {
$error = _('Please enter at least 8 characters including letters, a number and a symbol.');
}
else {
try {
$serverProfilePersistenceManager->createProfileFromTemplate($_POST['addprofile'], $_POST['addTemplate'], $_POST['addpassword']);
$_SESSION['conf_isAuthenticated'] = $_POST['addprofile'];
@ -91,9 +97,6 @@ if (isset($_POST['action'])) {
$error = $e->getTitle();
}
}
else {
$error = _("Profile passwords are different or empty!");
}
}
// rename profile
elseif ($_POST['action'] == "rename") {
@ -131,7 +134,13 @@ if (isset($_POST['action'])) {
// set new profile password
elseif ($_POST['action'] == "setpass") {
if (preg_match("/^[a-z0-9_-]+$/i", (string) $_POST['setprofile'])) {
if ($_POST['setpassword'] && $_POST['setpassword2'] && ($_POST['setpassword'] == $_POST['setpassword2'])) {
if (empty($_POST['setpassword']) || ($_POST['setpassword'] !== $_POST['setpassword2'])) {
$error = _("Profile passwords are different or empty!");
}
elseif (!isValidConfigurationPassword($_POST['setpassword'])) {
$error = _('Please enter at least 8 characters including letters, a number and a symbol.');
}
else {
try {
$config = $serverProfilePersistenceManager->loadProfile($_POST['setprofile']);
$config->set_Passwd($_POST['setpassword']);
@ -142,9 +151,6 @@ if (isset($_POST['action'])) {
}
$config = null;
}
else {
$error = _("Profile passwords are different or empty!");
}
}
else {
$error = _("Profile name is invalid!");