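--- a/trunk/extensions/SecurePasswords/SecurePasswords.i18n.php
+++ b/trunk/extensions/SecurePasswords/SecurePasswords.i18n.php
@@ -10,6 +10,14 @@
 */
 $messages['en'] = array(
 'securepasswords-desc' => 'Creates more secure password hashes and adds a password strength checker',
+'securepasswords-valid' => 'Your password is invalid or too short. It must:',
+'securepasswords-minlength' => 'be at least $1 characters long',
+'securepasswords-lowercase' => 'contain at least 1 lowercase letter',
+'securepasswords-uppercase' => 'contain at least 1 uppercase letter',
+'securepasswords-digit' => 'contain at least 1 digit',
+'securepasswords-special' => 'contain at least 1 special character (Special characters are: $1)',
+'securepasswords-username' => 'be different from your username',
+'securepasswords-word' => 'not be a word',
 );
 
 /** Lower Sorbian (Dolnoserbski)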
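--- a/trunk/extensions/SecurePasswords/SecurePasswords.php
+++ b/trunk/extensions/SecurePasswords/SecurePasswords.php
@@ -12,8 +12,7 @@
 }
 
 $wgValidPasswords = array(
-'minlength' => $wgMinimalPasswordLength, #Minimum password length, should be at least 8
-'maxlength' => 30, #Maximum password length, set to something lower if the hashes are being truncated in the database
+'minlength' => $wgMinimalPasswordLength, #Minimum password length, should be at least 8 for decent security
 'lowercase' => true, #Should we require at least one lowercase letter?
 'uppercase' => true, #Should we require at least one uppercase letter?
 'digit' => true, #Should we require at least one digit?
@@ -22,20 +21,25 @@
 'wordcheck' => function_exists( 'pspell_check' ), #Should we check the password against a dictionary to make sure that it is not a word?
 );
 
+$wgSecurePasswordSpecialChars = '.|\/!@#$%^&*\(\)-_=+\[\]{}`~,<>?\'";: '; # Character class of special characters for a regex
+
 $wgExtensionCredits['other'][] = array(
 'name' => 'SecurePasswords',
 'author' => 'Ryan Schmidt',
 'url' => 'http://www.mediawiki.org/wiki/Extension:SecurePasswords',
-'version' => '1.0',
+'version' => '1.1',
 'svn-date' => '$LastChangedDate$',
 'svn-revision' => '$LastChangedRevision$',
 'description' => 'Creates more secure password hashes and adds a password strength checker',
 'descriptionmsg' => 'securepasswords-desc',
 );
 
+$wgExtensionMessagesFiles['SecurePasswords'] = dirname( __FILE__ ) . '/SecurePasswords.i18n.php';
+
 $wgHooks['UserCryptPassword'][] = 'efSecurePasswordsCrypt'; //used to encrypt passwords
 $wgHooks['UserComparePasswords'][] = 'efSecurePasswordsCompare'; //used to compare a password with an encrypted password
 $wgHooks['isValidPassword'][] = 'efSecurePasswordsValidate'; //used to enforce password strength
+$wgHooks['NormalizeMessageKey'][] = 'efSecurePasswordsMessage'; //used to override the message to show what the password requirements are
 
 function efSecurePasswordsCrypt( &$password, &$salt, &$wgPasswordSalt, &$hash ) {
 $hash = 'SP:';
@@ -231,11 +235,11 @@
 }
 }
 
-global $wgValidPasswords, $wgContLang;
+global $wgValidPasswords, $wgContLang, $wgSecurePasswordsSpecialChars;
 $lang = $wgContLang->getPreferredVariant( false );
 
 // check password length
-if( strlen( $password ) < $wgValidPasswords['minlength'] || strlen( $password ) > $wgValidPasswords['maxlength'] ) {
+if( strlen( $password ) < $wgValidPasswords['minlength'] ) {
 $result = false;
 return false;
 }
@@ -259,8 +263,7 @@
 }
 
 // check for a special character, if needed
-$special = '.|\/!@#$%^&*()-_=+[]{}\\\\`~,<>?\'";: ';
-if( $wgValidPasswords['special'] && !preg_match( '/[' . $special . ']/', $password ) ) {
+if( $wgValidPasswords['special'] && !preg_match( '/[' . $wgSecurePasswordsSpecialChars . ']/', $password ) ) {
 $result = false;
 return false;
 }
@@ -293,4 +296,60 @@
 
 $result = true;
 return false;
+}
+
+function efSecurePasswordsMessage( &$key, &$useDB, &$langCode, &$transform ) {
+// do we have the right key?
+if( $key != 'passwordtooshort' ) {
+return true;
+}
+
+// don't replace the message if we're viewing Special:AllMessages
+global $wgTitle, $wgMessageCache, $wgValidPasswords;
+if( is_object( $wgTitle ) && $wgTitle instanceOf Title ) {
+$page = $wgTitle->getText();
+$ns = $wgTitle->getNamespace();
+} else {
+// $wgTitle isn't defined, fail gracefully
+return true;
+}
+
+if( $ns === NS_SPECIAL ) {
+list( $title, $sp ) = SpecialPage::resolveAliasWithSubpage( $page );
+if( $title == 'AllMessages' ) {
+return true;
+}
+}
+
+// ok, this isn't AllMessages, so we can replace the key
+// TODO: this is an epic hack, add a hook to core to modify the message params
+if( !is_object( $wgMessageCache ) ) {
+// quit early... we can't properly change the message
+return true;
+}
+wfLoadExtensionMessages('SecurePasswords');
+$key = 'securepasswords-password';
+$msg = wfMsg( 'securepasswords-valid' ) . ' ';
+$msg .= wfMsg( 'securepasswords-minlength', $wgValidPasswords['minlength'] );
+if( $wgValidPasswords['lowercase'] ) {
+$msg .= ', ' . wfMsg( 'securepasswords-lowercase' );
+}
+if( $wgValidPasswords['uppercase'] ) {
+$msg .= ', ' . wfMsg( 'securepasswords-uppercase' );
+}
+if( $wgValidPasswords['digit'] ) {
+$msg .= ', ' . wfMsg( 'securepasswords-digit' );
+}
+if( $wgValidPasswords['special'] ) {
+$msg .= ', ' . wfMsg( 'securepasswords-special', str_replace( '\\', '', $wgSecurePasswordsSpecialChars ) );
+}
+if( $wgValidPasswords['usercheck'] ) {
+$msg .= ', ' . wfMsg( 'securepasswords-username' );
+}
+if( $wgValidPasswords['wordcheck'] ) {
+$msg .= ', ' . wfMsg( 'securepasswords-word' );
+}
+$wgMessageCache->addMessage( 'securepasswords-password', $msg, 'en' );
+
+return true;
 }
\ No newline at end of file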
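Review bot: The special-character set is defined as `$wgSecurePasswordSpecialChars` (new line 25) but read as `$wgSecurePasswordsSpecialChars` in the validator (new lines 239 and 267) and in `efSecurePasswordsMessage` (new line 345), so in the visible lines the regex is built from an undefined variable and the configured set never reaches the check. Rename the definition to `$wgSecurePasswordsSpecialChars`, and add that name to the `global` statement at new line 309, where it is currently missing, otherwise the requirements message is built with an empty list. Separately, `\)-_` inside the character class is a range from `)` to `_` that also matches digits and uppercase letters, so the "special" rule can be satisfied without any special character; escape the hyphen (`\)\-_`) or move it to the end of the set. The validator's body and the settings array both continue outside the hunks shown.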