1 files changed, 24 insertions, 0 deletions
diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php
index 870c20f665..b5dfecb45f 100644
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@@ -1034,6 +1034,7 @@ function validate_match($string, $optional = false, $match)
 * Also checks if it includes the " character, which we don't allow in usernames.
 * Used for registering, changing names, and posting anonymously with a username
 *
+* @todo do we really check and disallow the " character in usernames as written above. Has it only be forgotten to include the check?
 * @return	boolean|string	Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
 */
 function validate_username($username)
@@ -1106,6 +1107,29 @@ function validate_username($username)
 }
 
 /**
+* Check to see if the password meets the complexity settings
+*
+* @return	boolean|string	Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)
+*/
+function validate_password($password)
+{
+	global $config, $db, $user;
+
+	if (!$password)
+	{
+		return false;
+	}
+
+	// We only check for existance of characters
+	if (!preg_match('#' . str_replace('\\\\', '\\', $config['pass_complex']) . '#i', $password))
+	{
+		return 'INVALID_CHARS';
+	}
+
+	return false;
+}
+
+/**
 * Check to see if email address is banned or already present in the DB
 *
 * @return	boolean|string	Either false if validation succeeded or a string which will be used as the error message (with the variable name appended)