Extension - Edit: Honor password requirements.

2026-03-09 10:08:45 +00:00 · 2026-01-12 13:02:11 -07:00
parent 1e43abbc51
commit f5847e5e5b
2 changed files with 184 additions and 15 deletions
--- a/app/extensions/app_languages.php
+++ b/app/extensions/app_languages.php
@@ -2536,6 +2536,141 @@ $text['label-generate']['zh-cn'] = "產生";
 $text['label-generate']['ja-jp'] = "生成";
 $text['label-generate']['ko-kr'] = "생성하다";

+$text['label-characters']['en-us'] = "Invalid Length";
+$text['label-characters']['en-gb'] = "Invalid Length";
+$text['label-characters']['ar-eg'] = "الشخصيات";
+$text['label-characters']['de-at'] = "Zeichen";
+$text['label-characters']['de-ch'] = "Zeichen";
+$text['label-characters']['de-de'] = "Zeichen";
+$text['label-characters']['el-gr'] = "Μη έγκυρο μήκος κωδικού πρόσβασης";
+$text['label-characters']['es-cl'] = "Longitud de contraseña inválida";
+$text['label-characters']['es-mx'] = "Longitud de contraseña inválida";
+$text['label-characters']['fr-ca'] = "Longueur de mot de passe non valide";
+$text['label-characters']['fr-fr'] = "Longueur de mot de passe non valide";
+$text['label-characters']['he-il'] = "דמויות";
+$text['label-characters']['it-it'] = "Caratteri";
+$text['label-characters']['ka-ge'] = "არასწორი პაროლის სიგრძე";
+$text['label-characters']['nl-nl'] = "Invalide Length";
+$text['label-characters']['pl-pl'] = "Postacie";
+$text['label-characters']['pt-br'] = "Personagens";
+$text['label-characters']['pt-pt'] = "Personagens";
+$text['label-characters']['ro-ro'] = "caractere";
+$text['label-characters']['ru-ru'] = "символов";
+$text['label-characters']['sv-se'] = "Tecken";
+$text['label-characters']['uk-ua'] = "персонажі";
+$text['label-characters']['tr-tr'] = "Geçersiz Şifre Uzunluğu";
+$text['label-characters']['zh-cn'] = "密码长度无效";
+$text['label-characters']['ja-jp'] = "無効なパスワードの長さ";
+$text['label-characters']['ko-kr'] = "잘못된 비밀번호 길이";
+
+$text['label-numbers']['en-us'] = "Numbers";
+$text['label-numbers']['en-gb'] = "Numbers";
+$text['label-numbers']['ar-eg'] = "أرقام";
+$text['label-numbers']['de-at'] = "Nummern";
+$text['label-numbers']['de-ch'] = "Nummern";
+$text['label-numbers']['de-de'] = "Nummern";
+$text['label-numbers']['el-gr'] = "Αριθμοί";
+$text['label-numbers']['es-cl'] = "Números";
+$text['label-numbers']['es-mx'] = "Números";
+$text['label-numbers']['fr-ca'] = "Nombres";
+$text['label-numbers']['fr-fr'] = "Nombres";
+$text['label-numbers']['he-il'] = "מספרים";
+$text['label-numbers']['it-it'] = "Numeri";
+$text['label-numbers']['ka-ge'] = "ციფრები";
+$text['label-numbers']['nl-nl'] = "Nummers";
+$text['label-numbers']['pl-pl'] = "Liczby";
+$text['label-numbers']['pt-br'] = "Números";
+$text['label-numbers']['pt-pt'] = "Números";
+$text['label-numbers']['ro-ro'] = "numere";
+$text['label-numbers']['ru-ru'] = "Цифры";
+$text['label-numbers']['sv-se'] = "Nummer";
+$text['label-numbers']['uk-ua'] = "чисел";
+$text['label-numbers']['tr-tr'] = "Sayılar";
+$text['label-numbers']['zh-cn'] = "数字";
+$text['label-numbers']['ja-jp'] = "ナンバー";
+$text['label-numbers']['ko-kr'] = "민수기";
+
+$text['label-lowercase_letters']['en-us'] = "Lowercase Letters";
+$text['label-lowercase_letters']['en-gb'] = "Lowercase Letters";
+$text['label-lowercase_letters']['ar-eg'] = "أحرف صغيرة";
+$text['label-lowercase_letters']['de-at'] = "Kleinbuchstaben";
+$text['label-lowercase_letters']['de-ch'] = "Kleinbuchstaben";
+$text['label-lowercase_letters']['de-de'] = "Kleinbuchstaben";
+$text['label-lowercase_letters']['el-gr'] = "Πεζά γράμματα";
+$text['label-lowercase_letters']['es-cl'] = "Letras minusculas";
+$text['label-lowercase_letters']['es-mx'] = "Letras minusculas";
+$text['label-lowercase_letters']['fr-ca'] = "Minuscules";
+$text['label-lowercase_letters']['fr-fr'] = "Minuscules";
+$text['label-lowercase_letters']['he-il'] = "אותיות קטנות";
+$text['label-lowercase_letters']['it-it'] = "Lettere Minuscole";
+$text['label-lowercase_letters']['ka-ge'] = "პატარა ასოები";
+$text['label-lowercase_letters']['nl-nl'] = "Lawercase Letters";
+$text['label-lowercase_letters']['pl-pl'] = "Małe litery";
+$text['label-lowercase_letters']['pt-br'] = "Letras minúsculas";
+$text['label-lowercase_letters']['pt-pt'] = "Letras minúsculas";
+$text['label-lowercase_letters']['ro-ro'] = "Litere mici";
+$text['label-lowercase_letters']['ru-ru'] = "Строчные буквы";
+$text['label-lowercase_letters']['sv-se'] = "Gemener";
+$text['label-lowercase_letters']['uk-ua'] = "Букви нижнього регістру";
+$text['label-lowercase_letters']['tr-tr'] = "Küçük harfler";
+$text['label-lowercase_letters']['zh-cn'] = "小写字母";
+$text['label-lowercase_letters']['ja-jp'] = "小文字";
+$text['label-lowercase_letters']['ko-kr'] = "소문자";
+
+$text['label-uppercase_letters']['en-us'] = "Uppercase Letters";
+$text['label-uppercase_letters']['en-gb'] = "Uppercase Letters";
+$text['label-uppercase_letters']['ar-eg'] = "الأحرف الكبيرة";
+$text['label-uppercase_letters']['de-at'] = "Großbuchstaben";
+$text['label-uppercase_letters']['de-ch'] = "Großbuchstaben";
+$text['label-uppercase_letters']['de-de'] = "Großbuchstaben";
+$text['label-uppercase_letters']['el-gr'] = "Κεφάλαια γράμματα";
+$text['label-uppercase_letters']['es-cl'] = "Letras mayúsculas";
+$text['label-uppercase_letters']['es-mx'] = "Letras mayúsculas";
+$text['label-uppercase_letters']['fr-ca'] = "Lettres capitales";
+$text['label-uppercase_letters']['fr-fr'] = "Lettres capitales";
+$text['label-uppercase_letters']['he-il'] = "אותיות רישיות";
+$text['label-uppercase_letters']['it-it'] = "Lettere Maiuscole";
+$text['label-uppercase_letters']['ka-ge'] = "დიდი ასოები";
+$text['label-uppercase_letters']['nl-nl'] = "Vertaling:";
+$text['label-uppercase_letters']['pl-pl'] = "Wielkie litery";
+$text['label-uppercase_letters']['pt-br'] = "Letras maiúsculas";
+$text['label-uppercase_letters']['pt-pt'] = "Letras maiúsculas";
+$text['label-uppercase_letters']['ro-ro'] = "Litere mari";
+$text['label-uppercase_letters']['ru-ru'] = "Заглавные буквы";
+$text['label-uppercase_letters']['sv-se'] = "Versala bokstäver";
+$text['label-uppercase_letters']['uk-ua'] = "Великі літери";
+$text['label-uppercase_letters']['tr-tr'] = "Büyük harfler";
+$text['label-uppercase_letters']['zh-cn'] = "大写字母";
+$text['label-uppercase_letters']['ja-jp'] = "アッパーケースレター";
+$text['label-uppercase_letters']['ko-kr'] = "Uppercase 편지";
+
+$text['label-special_characters']['en-us'] = "Special Characters";
+$text['label-special_characters']['en-gb'] = "Special Characters";
+$text['label-special_characters']['ar-eg'] = "أحرف خاصة";
+$text['label-special_characters']['de-at'] = "Sonderzeichen";
+$text['label-special_characters']['de-ch'] = "Sonderzeichen";
+$text['label-special_characters']['de-de'] = "Sonderzeichen";
+$text['label-special_characters']['el-gr'] = "Ειδικοί χαρακτήρες";
+$text['label-special_characters']['es-cl'] = "Caracteres especiales";
+$text['label-special_characters']['es-mx'] = "Caracteres especiales";
+$text['label-special_characters']['fr-ca'] = "Caractères spéciaux";
+$text['label-special_characters']['fr-fr'] = "Caractères spéciaux";
+$text['label-special_characters']['he-il'] = "תווים מיוחדים";
+$text['label-special_characters']['it-it'] = "Caratteri Speciali";
+$text['label-special_characters']['ka-ge'] = "სპეციალური სიმბოლოები";
+$text['label-special_characters']['nl-nl'] = "Speciale Characters";
+$text['label-special_characters']['pl-pl'] = "Znaki specjalne";
+$text['label-special_characters']['pt-br'] = "Caracteres especiais";
+$text['label-special_characters']['pt-pt'] = "Caracteres especiais";
+$text['label-special_characters']['ro-ro'] = "caractere speciale";
+$text['label-special_characters']['ru-ru'] = "Специальные символы";
+$text['label-special_characters']['sv-se'] = "Specialtecken";
+$text['label-special_characters']['uk-ua'] = "спеціальні символи";
+$text['label-special_characters']['tr-tr'] = "Özel karakterler";
+$text['label-special_characters']['zh-cn'] = "特殊字符";
+$text['label-special_characters']['ja-jp'] = "特殊文字";
+$text['label-special_characters']['ko-kr'] = "특수 문자";
+
 $text['header-extensions']['en-us'] = "Extensions";
 $text['header-extensions']['en-gb'] = "Extensions";
 $text['header-extensions']['ar-eg'] = "الأرقام الداخلية";
--- a/app/extensions/extension_edit.php
+++ b/app/extensions/extension_edit.php
@@ -73,8 +73,12 @@
 	$extension_limit_max						= $settings->get('extension', 'limit_max', 5);
 	$extension_call_timeout						= $settings->get('extension', 'call_timeout', 30);
 	$extension_max_registrations				= $settings->get('extension', 'max_registrations', null);
+	$extension_password_strength				= $settings->get('extension', 'password_strength', 4);      //set default to use numbers, uppercase and lowercase letters, special characters
 	$extension_password_length					= $settings->get('extension', 'password_length', 20);       //set default to 20
-	$extension_password_strength				= $settings->get('extension', 'password_strength', 4);      //set default to use numbers, Upper/Lowercase letters, special characters
+	$extension_password_number					= $settings->get('extension', 'password_number', false);
+	$extension_password_lowercase				= $settings->get('extension', 'password_lowercase', false);
+	$extension_password_uppercase				= $settings->get('extension', 'password_uppercase', false);
+	$extension_password_special					= $settings->get('extension', 'password_special', false);
 	$extension_user_record_default				= $settings->get('extension', 'user_record_default', '');
 	$extension_type								= $settings->get('extension', 'type', 'default');
 	$provision_path								= $settings->get('provision', 'path', '');
@@ -373,20 +377,50 @@
 				exit;
 			}

-		//check for all required data
-			$msg = '';
-			if (empty($extension)) { $msg .= $text['message-required'].$text['label-extension']."<br>\n"; }
-			if (!empty($msg) && empty($_POST["persistformvar"])) {
-				require_once "resources/header.php";
-				require_once "resources/persist_form_var.php";
-				echo "<div align='center'>\n";
-				echo "<table><tr><td>\n";
-				echo $msg."<br />";
-				echo "</td></tr></table>\n";
-				persistformvar($_POST);
-				echo "</div>\n";
-				require_once "resources/footer.php";
-				return;
+		//initialize
+			$invalid = [];
+
+		//check required values
+			if (empty($extension)) {
+				$invalid[] = $text['label-extension'];
+			}
+
+		//require passwords with the defined required attributes: length, number, lower case, upper case, and special characters
+			if (permission_exists('extension_password') && !empty($password)) {
+				if (strlen($password) < $extension_password_length) {
+					$invalid[] = $text['label-password'].": ".$text['label-characters'];
+				}
+				if ($extension_password_number) {
+					if (!preg_match('/(?=.*[\d])/', $password)) {
+						$invalid[] = $text['label-password'].": ".$text['label-numbers'];
+					}
+				}
+				if ($extension_password_lowercase) {
+					if (!preg_match('/(?=.*[a-z])/', $password)) {
+						$invalid[] = $text['label-password'].": ".$text['label-lowercase_letters'];
+					}
+				}
+				if ($extension_password_uppercase) {
+					if (!preg_match('/(?=.*[A-Z])/', $password)) {
+						$invalid[] = $text['label-password'].": ".$text['label-uppercase_letters'];
+					}
+				}
+				if ($extension_password_special) {
+					if (!preg_match('/(?=.*[\W])/', $password)) {
+						$invalid[] = $text['label-password'].": ".$text['label-special_characters'];
+					}
+				}
+			}
+
+		//return if error
+			if (message::count() != 0 || !empty($invalid)) {
+				if ($invalid) { message::add($text['message-required'].implode(', ', $invalid), 'negative', 7500); }
+				persistent_form_values('store', $_POST);
+				header("Location: extension_edit.php?".(permission_exists('extension_edit') && $action != 'add' ? "&id=".urlencode($extension_uuid) : null).(!empty($order_by) ? '&order_by='.$order_by : null).(!empty($order) ? '&order='.$order : null).(!empty($page) ? '&page='.$page : null));
+				exit;
+			}
+			else {
+				persistent_form_values('clear');
 			}

 		//prevent users from bypassing extension limit by using range