From f5847e5e5bb21a4ba90e68d88a9c037f8431c404 Mon Sep 17 00:00:00 2001 From: fusionate Date: Mon, 12 Jan 2026 13:02:11 -0700 Subject: [PATCH] Extension - Edit: Honor password requirements. --- app/extensions/app_languages.php | 135 ++++++++++++++++++++++++++++++ app/extensions/extension_edit.php | 64 ++++++++++---- 2 files changed, 184 insertions(+), 15 deletions(-) diff --git a/app/extensions/app_languages.php b/app/extensions/app_languages.php index 4658983fb5..eff9e18a5a 100644 --- a/app/extensions/app_languages.php +++ b/app/extensions/app_languages.php @@ -2536,6 +2536,141 @@ $text['label-generate']['zh-cn'] = "產生"; $text['label-generate']['ja-jp'] = "生成"; $text['label-generate']['ko-kr'] = "생성하다"; +$text['label-characters']['en-us'] = "Invalid Length"; +$text['label-characters']['en-gb'] = "Invalid Length"; +$text['label-characters']['ar-eg'] = "الشخصيات"; +$text['label-characters']['de-at'] = "Zeichen"; +$text['label-characters']['de-ch'] = "Zeichen"; +$text['label-characters']['de-de'] = "Zeichen"; +$text['label-characters']['el-gr'] = "Μη έγκυρο μήκος κωδικού πρόσβασης"; +$text['label-characters']['es-cl'] = "Longitud de contraseña inválida"; +$text['label-characters']['es-mx'] = "Longitud de contraseña inválida"; +$text['label-characters']['fr-ca'] = "Longueur de mot de passe non valide"; +$text['label-characters']['fr-fr'] = "Longueur de mot de passe non valide"; +$text['label-characters']['he-il'] = "דמויות"; +$text['label-characters']['it-it'] = "Caratteri"; +$text['label-characters']['ka-ge'] = "არასწორი პაროლის სიგრძე"; +$text['label-characters']['nl-nl'] = "Invalide Length"; +$text['label-characters']['pl-pl'] = "Postacie"; +$text['label-characters']['pt-br'] = "Personagens"; +$text['label-characters']['pt-pt'] = "Personagens"; +$text['label-characters']['ro-ro'] = "caractere"; +$text['label-characters']['ru-ru'] = "символов"; +$text['label-characters']['sv-se'] = "Tecken"; +$text['label-characters']['uk-ua'] = "персонажі"; +$text['label-characters']['tr-tr'] = "Geçersiz Şifre Uzunluğu"; +$text['label-characters']['zh-cn'] = "密码长度无效"; +$text['label-characters']['ja-jp'] = "無効なパスワードの長さ"; +$text['label-characters']['ko-kr'] = "잘못된 비밀번호 길이"; + +$text['label-numbers']['en-us'] = "Numbers"; +$text['label-numbers']['en-gb'] = "Numbers"; +$text['label-numbers']['ar-eg'] = "أرقام"; +$text['label-numbers']['de-at'] = "Nummern"; +$text['label-numbers']['de-ch'] = "Nummern"; +$text['label-numbers']['de-de'] = "Nummern"; +$text['label-numbers']['el-gr'] = "Αριθμοί"; +$text['label-numbers']['es-cl'] = "Números"; +$text['label-numbers']['es-mx'] = "Números"; +$text['label-numbers']['fr-ca'] = "Nombres"; +$text['label-numbers']['fr-fr'] = "Nombres"; +$text['label-numbers']['he-il'] = "מספרים"; +$text['label-numbers']['it-it'] = "Numeri"; +$text['label-numbers']['ka-ge'] = "ციფრები"; +$text['label-numbers']['nl-nl'] = "Nummers"; +$text['label-numbers']['pl-pl'] = "Liczby"; +$text['label-numbers']['pt-br'] = "Números"; +$text['label-numbers']['pt-pt'] = "Números"; +$text['label-numbers']['ro-ro'] = "numere"; +$text['label-numbers']['ru-ru'] = "Цифры"; +$text['label-numbers']['sv-se'] = "Nummer"; +$text['label-numbers']['uk-ua'] = "чисел"; +$text['label-numbers']['tr-tr'] = "Sayılar"; +$text['label-numbers']['zh-cn'] = "数字"; +$text['label-numbers']['ja-jp'] = "ナンバー"; +$text['label-numbers']['ko-kr'] = "민수기"; + +$text['label-lowercase_letters']['en-us'] = "Lowercase Letters"; +$text['label-lowercase_letters']['en-gb'] = "Lowercase Letters"; +$text['label-lowercase_letters']['ar-eg'] = "أحرف صغيرة"; +$text['label-lowercase_letters']['de-at'] = "Kleinbuchstaben"; +$text['label-lowercase_letters']['de-ch'] = "Kleinbuchstaben"; +$text['label-lowercase_letters']['de-de'] = "Kleinbuchstaben"; +$text['label-lowercase_letters']['el-gr'] = "Πεζά γράμματα"; +$text['label-lowercase_letters']['es-cl'] = "Letras minusculas"; +$text['label-lowercase_letters']['es-mx'] = "Letras minusculas"; +$text['label-lowercase_letters']['fr-ca'] = "Minuscules"; +$text['label-lowercase_letters']['fr-fr'] = "Minuscules"; +$text['label-lowercase_letters']['he-il'] = "אותיות קטנות"; +$text['label-lowercase_letters']['it-it'] = "Lettere Minuscole"; +$text['label-lowercase_letters']['ka-ge'] = "პატარა ასოები"; +$text['label-lowercase_letters']['nl-nl'] = "Lawercase Letters"; +$text['label-lowercase_letters']['pl-pl'] = "Małe litery"; +$text['label-lowercase_letters']['pt-br'] = "Letras minúsculas"; +$text['label-lowercase_letters']['pt-pt'] = "Letras minúsculas"; +$text['label-lowercase_letters']['ro-ro'] = "Litere mici"; +$text['label-lowercase_letters']['ru-ru'] = "Строчные буквы"; +$text['label-lowercase_letters']['sv-se'] = "Gemener"; +$text['label-lowercase_letters']['uk-ua'] = "Букви нижнього регістру"; +$text['label-lowercase_letters']['tr-tr'] = "Küçük harfler"; +$text['label-lowercase_letters']['zh-cn'] = "小写字母"; +$text['label-lowercase_letters']['ja-jp'] = "小文字"; +$text['label-lowercase_letters']['ko-kr'] = "소문자"; + +$text['label-uppercase_letters']['en-us'] = "Uppercase Letters"; +$text['label-uppercase_letters']['en-gb'] = "Uppercase Letters"; +$text['label-uppercase_letters']['ar-eg'] = "الأحرف الكبيرة"; +$text['label-uppercase_letters']['de-at'] = "Großbuchstaben"; +$text['label-uppercase_letters']['de-ch'] = "Großbuchstaben"; +$text['label-uppercase_letters']['de-de'] = "Großbuchstaben"; +$text['label-uppercase_letters']['el-gr'] = "Κεφάλαια γράμματα"; +$text['label-uppercase_letters']['es-cl'] = "Letras mayúsculas"; +$text['label-uppercase_letters']['es-mx'] = "Letras mayúsculas"; +$text['label-uppercase_letters']['fr-ca'] = "Lettres capitales"; +$text['label-uppercase_letters']['fr-fr'] = "Lettres capitales"; +$text['label-uppercase_letters']['he-il'] = "אותיות רישיות"; +$text['label-uppercase_letters']['it-it'] = "Lettere Maiuscole"; +$text['label-uppercase_letters']['ka-ge'] = "დიდი ასოები"; +$text['label-uppercase_letters']['nl-nl'] = "Vertaling:"; +$text['label-uppercase_letters']['pl-pl'] = "Wielkie litery"; +$text['label-uppercase_letters']['pt-br'] = "Letras maiúsculas"; +$text['label-uppercase_letters']['pt-pt'] = "Letras maiúsculas"; +$text['label-uppercase_letters']['ro-ro'] = "Litere mari"; +$text['label-uppercase_letters']['ru-ru'] = "Заглавные буквы"; +$text['label-uppercase_letters']['sv-se'] = "Versala bokstäver"; +$text['label-uppercase_letters']['uk-ua'] = "Великі літери"; +$text['label-uppercase_letters']['tr-tr'] = "Büyük harfler"; +$text['label-uppercase_letters']['zh-cn'] = "大写字母"; +$text['label-uppercase_letters']['ja-jp'] = "アッパーケースレター"; +$text['label-uppercase_letters']['ko-kr'] = "Uppercase 편지"; + +$text['label-special_characters']['en-us'] = "Special Characters"; +$text['label-special_characters']['en-gb'] = "Special Characters"; +$text['label-special_characters']['ar-eg'] = "أحرف خاصة"; +$text['label-special_characters']['de-at'] = "Sonderzeichen"; +$text['label-special_characters']['de-ch'] = "Sonderzeichen"; +$text['label-special_characters']['de-de'] = "Sonderzeichen"; +$text['label-special_characters']['el-gr'] = "Ειδικοί χαρακτήρες"; +$text['label-special_characters']['es-cl'] = "Caracteres especiales"; +$text['label-special_characters']['es-mx'] = "Caracteres especiales"; +$text['label-special_characters']['fr-ca'] = "Caractères spéciaux"; +$text['label-special_characters']['fr-fr'] = "Caractères spéciaux"; +$text['label-special_characters']['he-il'] = "תווים מיוחדים"; +$text['label-special_characters']['it-it'] = "Caratteri Speciali"; +$text['label-special_characters']['ka-ge'] = "სპეციალური სიმბოლოები"; +$text['label-special_characters']['nl-nl'] = "Speciale Characters"; +$text['label-special_characters']['pl-pl'] = "Znaki specjalne"; +$text['label-special_characters']['pt-br'] = "Caracteres especiais"; +$text['label-special_characters']['pt-pt'] = "Caracteres especiais"; +$text['label-special_characters']['ro-ro'] = "caractere speciale"; +$text['label-special_characters']['ru-ru'] = "Специальные символы"; +$text['label-special_characters']['sv-se'] = "Specialtecken"; +$text['label-special_characters']['uk-ua'] = "спеціальні символи"; +$text['label-special_characters']['tr-tr'] = "Özel karakterler"; +$text['label-special_characters']['zh-cn'] = "特殊字符"; +$text['label-special_characters']['ja-jp'] = "特殊文字"; +$text['label-special_characters']['ko-kr'] = "특수 문자"; + $text['header-extensions']['en-us'] = "Extensions"; $text['header-extensions']['en-gb'] = "Extensions"; $text['header-extensions']['ar-eg'] = "الأرقام الداخلية"; diff --git a/app/extensions/extension_edit.php b/app/extensions/extension_edit.php index c842adbc53..cc7eea155d 100644 --- a/app/extensions/extension_edit.php +++ b/app/extensions/extension_edit.php @@ -73,8 +73,12 @@ $extension_limit_max = $settings->get('extension', 'limit_max', 5); $extension_call_timeout = $settings->get('extension', 'call_timeout', 30); $extension_max_registrations = $settings->get('extension', 'max_registrations', null); + $extension_password_strength = $settings->get('extension', 'password_strength', 4); //set default to use numbers, uppercase and lowercase letters, special characters $extension_password_length = $settings->get('extension', 'password_length', 20); //set default to 20 - $extension_password_strength = $settings->get('extension', 'password_strength', 4); //set default to use numbers, Upper/Lowercase letters, special characters + $extension_password_number = $settings->get('extension', 'password_number', false); + $extension_password_lowercase = $settings->get('extension', 'password_lowercase', false); + $extension_password_uppercase = $settings->get('extension', 'password_uppercase', false); + $extension_password_special = $settings->get('extension', 'password_special', false); $extension_user_record_default = $settings->get('extension', 'user_record_default', ''); $extension_type = $settings->get('extension', 'type', 'default'); $provision_path = $settings->get('provision', 'path', ''); @@ -373,20 +377,50 @@ exit; } - //check for all required data - $msg = ''; - if (empty($extension)) { $msg .= $text['message-required'].$text['label-extension']."
\n"; } - if (!empty($msg) && empty($_POST["persistformvar"])) { - require_once "resources/header.php"; - require_once "resources/persist_form_var.php"; - echo "
\n"; - echo "
\n"; - echo $msg."
"; - echo "
\n"; - persistformvar($_POST); - echo "
\n"; - require_once "resources/footer.php"; - return; + //initialize + $invalid = []; + + //check required values + if (empty($extension)) { + $invalid[] = $text['label-extension']; + } + + //require passwords with the defined required attributes: length, number, lower case, upper case, and special characters + if (permission_exists('extension_password') && !empty($password)) { + if (strlen($password) < $extension_password_length) { + $invalid[] = $text['label-password'].": ".$text['label-characters']; + } + if ($extension_password_number) { + if (!preg_match('/(?=.*[\d])/', $password)) { + $invalid[] = $text['label-password'].": ".$text['label-numbers']; + } + } + if ($extension_password_lowercase) { + if (!preg_match('/(?=.*[a-z])/', $password)) { + $invalid[] = $text['label-password'].": ".$text['label-lowercase_letters']; + } + } + if ($extension_password_uppercase) { + if (!preg_match('/(?=.*[A-Z])/', $password)) { + $invalid[] = $text['label-password'].": ".$text['label-uppercase_letters']; + } + } + if ($extension_password_special) { + if (!preg_match('/(?=.*[\W])/', $password)) { + $invalid[] = $text['label-password'].": ".$text['label-special_characters']; + } + } + } + + //return if error + if (message::count() != 0 || !empty($invalid)) { + if ($invalid) { message::add($text['message-required'].implode(', ', $invalid), 'negative', 7500); } + persistent_form_values('store', $_POST); + header("Location: extension_edit.php?".(permission_exists('extension_edit') && $action != 'add' ? "&id=".urlencode($extension_uuid) : null).(!empty($order_by) ? '&order_by='.$order_by : null).(!empty($order) ? '&order='.$order : null).(!empty($page) ? '&page='.$page : null)); + exit; + } + else { + persistent_form_values('clear'); } //prevent users from bypassing extension limit by using range