WordPress.org

Make WordPress Core

Ticket #5404: 5404.patch

File 5404.patch, 3.8 KB (added by pishmishy, 10 years ago)
  • wp-includes/pluggable.php

     
    700700}
    701701endif;
    702702
     703if ( !function_exists('wp_test_password') ) :
     704function wp_test_password($password) {
     705        $error = "";
     706        #Check that the password contains mixed case
     707        $u = false;
     708        $l = false;
     709        for($i=0;$i<strlen($password) && !($u && $l);$i++){
     710                $u = $u || (ord(substr($password,$i,1)) > 64 && ord(substr($password,$i,1)) < 91);
     711                $l = $l || (ord(substr($password,$i,1)) > 96 && ord(substr($password,$i,1)) < 123);
     712        }
     713       
     714        if (!($u && $l)) $error .= __("The password is not mixed case<br/>\n");
     715        #Check that the password contains numbers and letters
     716        $a = false;
     717        $n = false;
     718        for($i=0;$i<strlen($password) && !($a && $n);$i++){
     719                $a = $a || (ord(substr($password,$i,1)) > 64 && ord(substr($password,$i,1)) < 91) || (ord(substr($password,$i,1)) > 96 && ord(substr($password,$i,1)) < 123);
     720                $n = $n || (ord(substr($password,$i,1)) > 47 && ord(substr($password,$i,1)) < 58);
     721        }
     722        if(!($a&&$n)) $error .= __("The password is not alphanumeric<br/>\n");
     723        #Check password length
     724        if(strlen($password)< 5) $error .= __("The password is not long enough<br/>\n");
     725        return $error; 
     726}
     727endif;
     728
    703729?>
  • wp-includes/registration.php

     
    207207        return wp_create_user($username, $password, $email);
    208208}
    209209
    210 ?>
    211  No newline at end of file
     210?>
  • wp-admin/includes/user.php

     
    102102        if ( $pass1 != $pass2 )
    103103                $errors->add( 'pass', __( '<strong>ERROR</strong>: Please enter the same password in the two password fields.' ), array( 'form-field' => 'pass1' ) );
    104104
     105        /* Check password strength */
     106        if ( get_option("strong_passwords") == 1 && wp_test_password($pass1) != "") $errors->add( 'pass', __('<strong>ERROR: </strong>') .wp_test_password($pass1), array( 'form-field' => 'pass1' ) );
     107
    105108        if (!empty ( $pass1 ))
    106109                $user->user_pass = $pass1;
    107110
     
    284287        $user->remove_all_caps();
    285288}
    286289
    287 ?>
    288  No newline at end of file
     290?>
  • wp-admin/options-general.php

     
    5353<td><label for="default_role">
    5454<select name="default_role" id="default_role"><?php wp_dropdown_roles( get_option('default_role') ); ?></select></label>
    5555</td>
     56<tr valign="top">
     57<th scope="row"><?php _e('Security:') ?></th>
     58<td><label for="strong_passwords">
     59<input name="strong_passwords" type="checkbox" id="strong_passwords" value="1" <?php checked('1', get_option('strong_passwords')); ?> />
     60<?php _e('Enforce Strong Passwords') ?></label>
     61</td>
    5662</tr>
    5763</table>
    5864<fieldset class="options">
     
    97103
    98104<p class="submit"><input type="submit" name="Submit" value="<?php _e('Update Options &raquo;') ?>" />
    99105<input type="hidden" name="action" value="update" />
    100 <input type="hidden" name="page_options" value="<?php if ( ! defined( 'WP_SITEURL' ) ) echo 'siteurl,'; if ( ! defined( 'WP_HOME' ) ) echo 'home,'; ?>blogname,blogdescription,admin_email,users_can_register,gmt_offset,date_format,time_format,start_of_week,comment_registration,default_role" />
     106<input type="hidden" name="page_options" value="<?php if ( ! defined( 'WP_SITEURL' ) ) echo 'siteurl,'; if ( ! defined( 'WP_HOME' ) ) echo 'home,'; ?>blogname,blogdescription,admin_email,users_can_register,gmt_offset,date_format,time_format,start_of_week,comment_registration,default_role,strong_passwords" />
    101107</p>
    102108</form>
    103109