From 3d8a5aa2f54dc5c751e7ed4521bf3c1c9c02f0a2 Mon Sep 17 00:00:00 2001 From: Git Date: Fri, 9 May 2014 08:00:53 +0000 Subject: [PATCH] Empty commit --- sections/login/index.php | 9 +++++++-- sections/login/recover_step2.php | 2 +- sections/register/index.php | 2 +- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/sections/login/index.php b/sections/login/index.php index 78821168..21644647 100644 --- a/sections/login/index.php +++ b/sections/login/index.php @@ -45,7 +45,7 @@ if ($UserID && strtotime($Expires) > time()) { // If the user has requested a password change, and his key has not expired - $Validate->SetFields('password', '1', 'regex', 'You entered an invalid password. A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, contains at least a number or symbol', array('regex' => '/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/')); + $Validate->SetFields('password', '1', 'regex', 'You entered an invalid password. A strong password is 8 characters or longer, contains at least 1 lowercase and uppercase letter, contains at least a number or symbol', array('regex' => '/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/')); $Validate->SetFields('verifypassword', '1', 'compare', 'Your passwords did not match.', array('comparefield' => 'password')); if (!empty($_REQUEST['password'])) { @@ -62,8 +62,13 @@ m.PassHash = '".db_string(Users::make_crypt_hash($_REQUEST['password']))."', i.ResetKey = '', i.ResetExpires = '0000-00-00 00:00:00' - WHERE m.ID = '".db_string($UserID)."' + WHERE m.ID = '$UserID' AND i.UserID = m.ID"); + $DB->query(" + INSERT INTO users_history_passwords + (UserID, ChangerIP, ChangeTime) + VALUES + ('$UserID', '$_SERVER[REMOTE_ADDR]', '".sqltime()."')"); $Reset = true; // Past tense form of "to reset", meaning that password has now been reset diff --git a/sections/login/recover_step2.php b/sections/login/recover_step2.php index 509c569c..21f9a3fa 100644 --- a/sections/login/recover_step2.php +++ b/sections/login/recover_step2.php @@ -13,7 +13,7 @@ if (!empty($Err)) { ?>

- A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol.

+ A strong password is 8 characters or longer, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol.

diff --git a/sections/register/index.php b/sections/register/index.php index 0d33e82e..80696742 100644 --- a/sections/register/index.php +++ b/sections/register/index.php @@ -34,7 +34,7 @@ } elseif (OPEN_REGISTRATION || !empty($_REQUEST['invite'])) { $Val->SetFields('username', true, 'regex', 'You did not enter a valid username.', array('regex' => USERNAME_REGEX)); $Val->SetFields('email', true, 'email', 'You did not enter a valid email address.'); - $Val->SetFields('password', true, 'regex', 'A strong password is between 8 and 40 characters long, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol', array('regex'=>'/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/')); + $Val->SetFields('password', true, 'regex', 'A strong password is 8 characters or longer, contains at least 1 lowercase and uppercase letter, and contains at least a number or symbol', array('regex'=>'/(?=^.{8,}$)(?=.*[^a-zA-Z])(?=.*[A-Z])(?=.*[a-z]).*$/')); $Val->SetFields('confirm_password', true, 'compare', 'Your passwords do not match.', array('comparefield' => 'password')); $Val->SetFields('readrules', true, 'checkbox', 'You did not select the box that says you will read the rules.'); $Val->SetFields('readwiki', true, 'checkbox', 'You did not select the box that says you will read the wiki.');
Password