diff --git a/app/extensions/extension_edit.php b/app/extensions/extension_edit.php
index 8d64b53b4f..89ef8d5246 100644
--- a/app/extensions/extension_edit.php
+++ b/app/extensions/extension_edit.php
@@ -479,7 +479,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 if ($action == "update" && permission_exists('extension_edit')) {
 //generate a password
 if (strlen($password) == 0) {
- $password = generate_password(12,4);
+ $password = generate_password();
 }
 //set the voicemail password
 if (strlen($vm_password) == 0) {
diff --git a/core/default_settings/app_defaults.php b/core/default_settings/app_defaults.php
index 8d2ad1b417..8ffa6ae517 100644
--- a/core/default_settings/app_defaults.php
+++ b/core/default_settings/app_defaults.php
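Review bot: With the explicit `12,4` removed, the generated extension password depends entirely on `$_SESSION["security"]["password_length"]["var"]` and `["password_strength"]["var"]`, and nothing at this call site documents that or keeps a minimum. The fallback added to `generate_password()` in resources/functions.php is length 10, so a session in which those settings are absent or non-numeric now yields a shorter password than the 12 characters this line produced before. I would add a comment here such as `//length and strength come from default settings: security > password_length / password_strength`, and the fallback length should arguably not drop below the previous 12. The enclosing `if ($action == "update" ...)` block starts and ends outside the hunk.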
@@ -61,6 +61,56 @@ if ($domains_processed == 1) { unset($sql); } } + + //ensure that the default password length and strength are set + $sql = "select count(*) as num_rows from v_default_settings "; + $sql .= "where ( "; + $sql .= "default_setting_category = 'security' "; + $sql .= "and default_setting_subcategory = 'password_length' "; + $sql .= "and default_setting_name = 'var' "; + $sql .= ") or ( "; + $sql .= "default_setting_category = 'security' "; + $sql .= "and default_setting_subcategory = 'password_strength' "; + $sql .= "and default_setting_name = 'var' "; + $sql .= ") "; + $prep_statement = $db->prepare($sql); + if ($prep_statement) { + $prep_statement->execute(); + $row = $prep_statement->fetch(PDO::FETCH_ASSOC); + if ($row['num_rows'] == 0) { + $sql = "insert into v_default_settings "; + $sql .= "( "; + $sql .= "default_setting_uuid, "; + $sql .= "default_setting_category, "; + $sql .= "default_setting_subcategory, "; + $sql .= "default_setting_name, "; + $sql .= "default_setting_value, "; + $sql .= "default_setting_enabled, "; + $sql .= "default_setting_description "; + $sql .= ") "; + $sql .= "values "; + $sql .= "( "; + $sql .= "'".uuid()."', "; + $sql .= "'security', "; + $sql .= "'password_length', "; + $sql .= "'var', "; + $sql .= "'15', "; + $sql .= "'true', "; + $sql .= "'Sets the default length for system generated passwords.' "; + $sql .= "), ( "; + $sql .= "'".uuid()."', "; + $sql .= "'security', "; + $sql .= "'password_strength', "; + $sql .= "'var', "; + $sql .= "'4', "; + $sql .= "'true', "; + $sql .= "'Sets the default strength for system generated passwords. Valid Options: 1 - Numeric Only, 2 - Include Lower Apha, 3 - Include Upper Alpha, 4 - Include Special Characters' "; + $sql .= ") "; + $db->exec(check_sql($sql)); + unset($sql); + } + } + } ?> \ No newline at end of file diff --git a/core/default_settings/default_settings.php b/core/default_settings/default_settings.php index 94dfa65a6e..615b6afede 100644 
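Review bot: The existence check treats the two settings as one unit: the `count(*)` query matches either `password_length` or `password_strength`, and the insert runs only when `num_rows` is 0, so an install that already has one of the two rows never receives the other and `generate_password()` silently uses its hard-coded fallback for it. Checking each subcategory on its own, as sketched below, avoids that. The seeded length `'15'` also differs from the fallback of 10 in `generate_password()`, and the strength description contains the typo `Apha`. Since the description documents `1` as numeric-only, it would help to state there that values below 4 shrink the character set of every system-generated password. The enclosing `if ($domains_processed == 1)` block starts outside the hunk.

```php
	//ensure that the default password length and strength are set (each row checked on its own)
	$password_defaults = array(
		'password_length' => array('15', 'Sets the default length for system generated passwords.'),
		'password_strength' => array('4', 'Sets the default strength for system generated passwords. Valid Options: 1 - Numeric Only, 2 - Include Lower Alpha, 3 - Include Upper Alpha, 4 - Include Special Characters'),
	);
	foreach ($password_defaults as $subcategory => $default) {
		$sql = "select count(*) as num_rows from v_default_settings ";
		$sql .= "where default_setting_category = 'security' ";
		$sql .= "and default_setting_subcategory = :subcategory ";
		$sql .= "and default_setting_name = 'var' ";
		$prep_statement = $db->prepare($sql);
		if ($prep_statement && $prep_statement->execute(array(':subcategory' => $subcategory))) {
			$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
			if ($row['num_rows'] == 0) {
				// … insert only the missing row, using uuid(), $subcategory, $default[0] and $default[1] …
			}
		}
		unset($sql, $prep_statement);
	}
```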
--- a/core/default_settings/default_settings.php +++ b/core/default_settings/default_settings.php @@ -116,8 +116,10 @@ require_once "resources/paging.php"; if ($result_count > 0) { $previous_category = ''; foreach($result as $row) { + if ($previous_category != $row['default_setting_category']) { echo "\n"; + if ($previous_category != '') { echo "

"; } echo "
\n"; echo " ".ucfirst($row['default_setting_category'])." \n"; echo "\n"; diff --git a/resources/functions.php b/resources/functions.php index bfa4a4b447..8d3baa4636 100644 --- a/resources/functions.php +++ b/resources/functions.php @@ -426,7 +426,7 @@ //echo 'No File Extension Present'; return ''; } - + if(count($pattern) > 1) { $filenamepart = $pattern[count($pattern)-1][0]; preg_match('/[^?]*/', $filenamepart, $matches); @@ -518,7 +518,7 @@ //echo "file_name_base: ".$file_name_base."
\n"; //echo "dest_dir: ".$dest_dir."
\n"; - //move the file to upload directory + //move the file to upload directory //bool move_uploaded_file ( string $filename, string $destination ) if (move_uploaded_file($tmp_name, $dest_dir.'/'.$file_name)){ @@ -529,7 +529,7 @@ return false; } exit; - + } //end function } @@ -676,7 +676,7 @@ function switch_module_is_running($fp, $mod) { $fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']); //if the handle still does not exist show an error message if (!$fp) { - $msg = "
Connection to Event Socket failed.
"; + $msg = "
Connection to Event Socket failed.
"; } } if ($fp) { @@ -747,8 +747,8 @@ function format_string ($format, $data) { } //browser detection without browscap.ini dependency - function http_user_agent() { - $u_agent = $_SERVER['HTTP_USER_AGENT']; + function http_user_agent() { + $u_agent = $_SERVER['HTTP_USER_AGENT']; $bname = 'Unknown'; $platform = 'Unknown'; $version= ""; @@ -765,36 +765,36 @@ function format_string ($format, $data) { } //get the name of the useragent yes seperately and for good reason - if(preg_match('/MSIE/i',$u_agent) && !preg_match('/Opera/i',$u_agent)) - { - $bname = 'Internet Explorer'; - $ub = "MSIE"; - } - elseif(preg_match('/Firefox/i',$u_agent)) - { - $bname = 'Mozilla Firefox'; - $ub = "Firefox"; - } - elseif(preg_match('/Chrome/i',$u_agent)) - { - $bname = 'Google Chrome'; - $ub = "Chrome"; - } - elseif(preg_match('/Safari/i',$u_agent)) - { - $bname = 'Apple Safari'; - $ub = "Safari"; - } - elseif(preg_match('/Opera/i',$u_agent)) - { - $bname = 'Opera'; - $ub = "Opera"; - } - elseif(preg_match('/Netscape/i',$u_agent)) - { - $bname = 'Netscape'; - $ub = "Netscape"; - } + if(preg_match('/MSIE/i',$u_agent) && !preg_match('/Opera/i',$u_agent)) + { + $bname = 'Internet Explorer'; + $ub = "MSIE"; + } + elseif(preg_match('/Firefox/i',$u_agent)) + { + $bname = 'Mozilla Firefox'; + $ub = "Firefox"; + } + elseif(preg_match('/Chrome/i',$u_agent)) + { + $bname = 'Google Chrome'; + $ub = "Chrome"; + } + elseif(preg_match('/Safari/i',$u_agent)) + { + $bname = 'Apple Safari'; + $ub = "Safari"; + } + elseif(preg_match('/Opera/i',$u_agent)) + { + $bname = 'Opera'; + $ub = "Opera"; + } + elseif(preg_match('/Netscape/i',$u_agent)) + { + $bname = 'Netscape'; + $ub = "Netscape"; + } //finally get the correct version number $known = array('Version', $ub, 'other'); 
@@ -829,17 +829,17 @@ function format_string ($format, $data) { 'platform' => $platform, 'pattern' => $pattern ); - } + } //tail php function for non posix systems function tail($file, $num_to_get=10) { $fp = fopen($file, 'r'); $position = filesize($file); $chunklen = 4096; - if($position-$chunklen<=0) { - fseek($fp,0); + if($position-$chunklen<=0) { + fseek($fp,0); } - else { + else { fseek($fp, $position-$chunklen); } $data="";$ret="";$lc=0; @@ -866,16 +866,20 @@ function format_string ($format, $data) { } //generate a random password with upper, lowercase and symbols - function generate_password($length = 10, $strength = 4) { + function generate_password($length = 0, $strength = 0) { $password = ''; $charset = ''; + if ($length === 0 && $strength === 0) { //set length and strenth if specified in default settings and strength isn't numeric-only + $length = (is_numeric($_SESSION["security"]["password_length"]["var"])) ? $_SESSION["security"]["password_length"]["var"] : 10; + $strength = (is_numeric($_SESSION["security"]["password_strength"]["var"])) ? $_SESSION["security"]["password_strength"]["var"] : 4; + } if ($strength >= 1) { $charset .= "0123456789"; } if ($strength >= 2) { $charset .= "abcdefghijkmnopqrstuvwxyz"; } if ($strength >= 3) { $charset .= "ABCDEFGHIJKLMNPQRSTUVWXYZ"; } if ($strength >= 4) { $charset .= "!!!!!^$%*?....."; } srand((double)microtime() * rand(1000000, 9999999)); while ($length > 0) { - $password.= $charset[rand(0, strlen($charset)-1)]; + $password .= $charset[rand(0, strlen($charset)-1)]; $length--; } return $password;
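Review bot: In the `generate_password()` hunk, every character is still drawn with `rand()` after a `srand()` seeded from `microtime()`, which is not a cryptographically secure source, and the new defaults branch accepts any value that passes `is_numeric()` without a range check. A configured `password_length` of `0` or a negative number makes the `while ($length > 0)` loop return an empty password, and a `password_strength` of `0` leaves `$charset` empty so `rand(0, strlen($charset)-1)` is called with an invalid range. I would cast and clamp both settings and, where the project's minimum PHP version allows it (PHP 7+), index the charset with `random_int()` and drop the `srand()` call. Reading the `$_SESSION` keys without `isset()` also raises notices whenever the settings have not been loaded into the session.

```php
	function generate_password($length = 0, $strength = 0) {
		$password = '';
		$charset = '';
		if ($length === 0 && $strength === 0) {
			//read the defaults from default settings; fall back when missing or out of range
			$length = isset($_SESSION["security"]["password_length"]["var"]) ? (int) $_SESSION["security"]["password_length"]["var"] : 0;
			$strength = isset($_SESSION["security"]["password_strength"]["var"]) ? (int) $_SESSION["security"]["password_strength"]["var"] : 0;
			if ($length < 1) { $length = 10; }
			if ($strength < 1 || $strength > 4) { $strength = 4; }
		}
		// … unchanged: charset assembly by $strength …
		//random_int() uses the system CSPRNG, so no manual seeding is needed
		$charset_max = strlen($charset) - 1;
		while ($length > 0) {
			$password .= $charset[random_int(0, $charset_max)];
			$length--;
		}
		return $password;
```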