Revision: 651
http://gemstracker.svn.sourceforge.net/gemstracker/?rev=651&view=rev
Author: michieltcs
Date: 2012-05-02 07:29:07 +0000 (Wed, 02 May 2012)
Log Message:
-----------
Initial implementation of inPasswordList()
Modified Paths:
--------------
trunk/library/classes/Gems/User/PasswordChecker.php
Modified: trunk/library/classes/Gems/User/PasswordChecker.php
===================================================================
--- trunk/library/classes/Gems/User/PasswordChecker.php 2012-05-01 14:41:29 UTC (rev 650)
+++ trunk/library/classes/Gems/User/PasswordChecker.php 2012-05-02 07:29:07 UTC (rev 651)
@@ -57,6 +57,11 @@
* @var Gems_Project_ProjectSettings
*/
protected $project;
+
+ /**
+ * @var Zend_Cache
+ */
+ protected $cache;
/**
*
@@ -211,6 +216,42 @@
}
}
}
+
+ /**
+ * Tests if the password appears on a (weak) password list. The list should
+ * be a simpe newline separated list of (lowercase) passwords.
+ *
+ * @param string $parameter Filename of the password list, relative to APPLICATION_PATH
+ * @param string $password The password
+ */
+ protected function inPasswordList($parameter, $password)
+ {
+ if (empty($parameter)) {
+ return;
+ }
+
+ if ($this->cache) {
+ $passwordList = $this->cache->load('weakpasswordlist');
+ }
+
+ if (empty($passwordList)) {
+ $filename = APPLICATION_PATH . $parameter;
+
+ if (!file_exists($filename)) {
+ throw new Gems_Exception("Unable to load password list '{$filename}'");
+ }
+
+ $passwordList = explode("\n", file_get_contents($filename));
+ }
+
+ if (in_array(strtolower($password), $passwordList)) {
+ $this->_addError($this->translate->_('should not appear in a list of common passwords'));
+ }
+
+ if ($this->cache) {
+ $this->cache->save($passwordList, 'weakpasswordlist');
+ }
+ }
/**
* Check for password weakness.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
