Adding some password validation rules. refs #1256
Showing
1 changed file
with
8 additions
and
2 deletions
| ... | @@ -22,6 +22,8 @@ const ACTION_ACTIVATE = 'wpmu_activate_user'; | ... | @@ -22,6 +22,8 @@ const ACTION_ACTIVATE = 'wpmu_activate_user'; |
| 22 | 22 | ||
| 23 | const OPTION_NAME = 'tz_auth'; // Database lookup key (`wp_options`.`option_name`) | 23 | const OPTION_NAME = 'tz_auth'; // Database lookup key (`wp_options`.`option_name`) |
| 24 | 24 | ||
| 25 | const PASS_MAX_LEN = 15; // Maximum length of password | ||
| 26 | |||
| 25 | call_user_func(function() { | 27 | call_user_func(function() { |
| 26 | global $wpdb; | 28 | global $wpdb; |
| 27 | if (empty($wpdb->signups)) { | 29 | if (empty($wpdb->signups)) { |
| ... | @@ -263,8 +265,12 @@ class Validation extends Common\Validation { | ... | @@ -263,8 +265,12 @@ class Validation extends Common\Validation { |
| 263 | throw new Exception('<li>Password can not be blank</li>'); | 265 | throw new Exception('<li>Password can not be blank</li>'); |
| 264 | } | 266 | } |
| 265 | 267 | ||
| 266 | if (false !== strpos($val, ' ')) { | 268 | if (isset($val[PASS_MAX_LEN + 1])) { |
| 267 | throw new Exception('<li>Password can not contain spaces</li>'); | 269 | throw new Exception('<li>Password can not be longer than ' . PASS_MAX_LEN . ' characters.</li>'); |
| 270 | } | ||
| 271 | |||
| 272 | if (preg_match('/(\\\\|\\\'|"| )+/i', $val)) { | ||
| 273 | throw new Exception('<li>Password can not contain spaces, backslashes (\) or quotes</li>'); | ||
| 268 | } | 274 | } |
| 269 | } | 275 | } |
| 270 | 276 | ... | ... |
-
Please register or sign in to post a comment