From 60bc949ba1d5a6851e525868f69e997d4c8a2075 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Thu, 3 Oct 2019 23:05:02 +0200 Subject: [ticket/14465] Remove setting for maximum password length PHPBB3-14465 --- phpBB/includes/acp/acp_board.php | 6 +-- phpBB/includes/acp/acp_users.php | 6 +-- phpBB/includes/questionnaire/questionnaire.php | 1 - phpBB/includes/ucp/ucp_profile.php | 6 +-- phpBB/includes/ucp/ucp_register.php | 6 +-- phpBB/install/schemas/schema_data.sql | 1 - phpBB/language/en/ucp.php | 8 ++-- phpBB/phpbb/console/command/user/add.php | 2 +- .../migration/data/v330/remove_max_pass_chars.php | 43 ++++++++++++++++++++++ phpBB/phpbb/ucp/controller/reset_password.php | 4 +- 10 files changed, 61 insertions(+), 22 deletions(-) create mode 100644 phpBB/phpbb/db/migration/data/v330/remove_max_pass_chars.php (limited to 'phpBB') diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index 7cbd0903bd..05871e4157 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -254,7 +254,6 @@ class acp_board 'vars' => array( 'legend1' => 'GENERAL_SETTINGS', 'max_name_chars' => array('lang' => 'USERNAME_LENGTH', 'validate' => 'int:8:180', 'type' => false, 'method' => false, 'explain' => false,), - 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,), 'require_activation' => array('lang' => 'ACC_ACTIVATION', 'validate' => 'int', 'type' => 'select', 'method' => 'select_acc_activation', 'explain' => true), 'new_member_post_limit' => array('lang' => 'NEW_MEMBER_POST_LIMIT', 'validate' => 'int:0:255', 'type' => 'number:0:255', 'explain' => true, 'append' => ' ' . $user->lang['POSTS']), @@ -417,7 +416,6 @@ class acp_board 'remote_upload_verify' => array('lang' => 'UPLOAD_CERT_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'check_dnsbl' => array('lang' => 'CHECK_DNSBL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'email_check_mx' => array('lang' => 'EMAIL_CHECK_MX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), - 'max_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:8:255', 'type' => false, 'method' => false, 'explain' => false,), 'min_pass_chars' => array('lang' => 'PASSWORD_LENGTH', 'validate' => 'int:1', 'type' => 'custom', 'method' => 'password_length', 'explain' => true), 'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true), 'chg_passforce' => array('lang' => 'FORCE_PASS_CHANGE', 'validate' => 'int:0:999', 'type' => 'number:0:999', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']), @@ -895,13 +893,13 @@ class acp_board } /** - * Maximum/Minimum password length + * Minimum password length */ function password_length($value, $key) { global $user; - return ' ' . $user->lang['MIN_CHARS'] . '   ' . $user->lang['MAX_CHARS']; + return ' ' . $user->lang['MIN_CHARS']; } /** diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index fd4b5e8c24..1b66943490 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -844,9 +844,9 @@ class acp_users // Validation data - we do not check the password complexity setting here $check_ary = array( 'new_password' => array( - array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), + array('string', true, $config['min_pass_chars'], 0), array('password')), - 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), + 'password_confirm' => array('string', true, $config['min_pass_chars'], 0), ); // Check username if altered @@ -1130,7 +1130,7 @@ class acp_users $template->assign_vars(array( 'L_NAME_CHARS_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])), - 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])), + 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])), 'L_POSTS_IN_QUEUE' => $user->lang('NUM_POSTS_IN_QUEUE', $user_row['posts_in_queue']), 'S_FOUNDER' => ($user->data['user_type'] == USER_FOUNDER) ? true : false, diff --git a/phpBB/includes/questionnaire/questionnaire.php b/phpBB/includes/questionnaire/questionnaire.php index f5a56fda82..95036a95bc 100644 --- a/phpBB/includes/questionnaire/questionnaire.php +++ b/phpBB/includes/questionnaire/questionnaire.php @@ -402,7 +402,6 @@ class phpbb_questionnaire_phpbb_data_provider 'max_login_attempts' => true, 'max_name_chars' => true, 'max_num_search_keywords' => true, - 'max_pass_chars' => true, 'max_poll_options' => true, 'max_post_chars' => true, 'max_post_font_size' => true, diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index 36ab3d0463..6d98362e08 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -70,9 +70,9 @@ class ucp_profile // Do not check cur_password, it is the old one. $check_ary = array( 'new_password' => array( - array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), + array('string', true, $config['min_pass_chars'], 0), array('password')), - 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']), + 'password_confirm' => array('string', true, $config['min_pass_chars'], 0), 'email' => array( array('string', false, 6, 60), array('user_email')), @@ -267,7 +267,7 @@ class ucp_profile 'CUR_PASSWORD' => '', 'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])), - 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])), + 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])), 'S_FORCE_PASSWORD' => ($auth->acl_get('u_chgpasswd') && $config['chg_passforce'] && $user->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400)) ? true : false, 'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false, diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 0e3ff50268..97d2631224 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -275,9 +275,9 @@ class ucp_register array('string', false, $config['min_name_chars'], $config['max_name_chars']), array('username', '')), 'new_password' => array( - array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), + array('string', false, $config['min_pass_chars'], 0), array('password')), - 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']), + 'password_confirm' => array('string', false, $config['min_pass_chars'], 0), 'email' => array( array('string', false, 6, 60), array('user_email')), @@ -638,7 +638,7 @@ class ucp_register 'L_REG_COND' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])), - 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])), + 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])), 'S_LANG_OPTIONS' => language_select($data['lang']), 'S_TZ_PRESELECT' => !$submit, diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql index 2854f71606..f859d1674e 100644 --- a/phpBB/install/schemas/schema_data.sql +++ b/phpBB/install/schemas/schema_data.sql @@ -206,7 +206,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_filesize_pm', INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_login_attempts', '3'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_name_chars', '20'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_num_search_keywords', '10'); -INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_pass_chars', '100'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_poll_options', '10'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_post_chars', '60000'); INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_post_font_size', '200'); diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 542d814911..57319ae26b 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -410,10 +410,10 @@ $lang = array_merge($lang, array( 'NO_WATCHED_SELECTED' => 'You have not selected any subscribed topics or forums.', 'NO_WATCHED_TOPICS' => 'You are not subscribed to any topics.', - 'PASS_TYPE_ALPHA_EXPLAIN' => 'Password must be between %1$s and %2$s long, must contain letters in mixed case and must contain numbers.', - 'PASS_TYPE_ANY_EXPLAIN' => 'Must be between %1$s and %2$s.', - 'PASS_TYPE_CASE_EXPLAIN' => 'Password must be between %1$s and %2$s long and must contain letters in mixed case.', - 'PASS_TYPE_SYMBOL_EXPLAIN' => 'Password must be between %1$s and %2$s long, must contain letters in mixed case, must contain numbers and must contain symbols.', + 'PASS_TYPE_ALPHA_EXPLAIN' => 'Password must be at least %1$s long, must contain letters in mixed case and must contain numbers.', + 'PASS_TYPE_ANY_EXPLAIN' => 'Must be at least %1$s long.', + 'PASS_TYPE_CASE_EXPLAIN' => 'Password must be at least %1$s long and must contain letters in mixed case.', + 'PASS_TYPE_SYMBOL_EXPLAIN' => 'Password must be at least %1$s long, must contain letters in mixed case, must contain numbers and must contain symbols.', 'PASSWORD' => 'Password', 'PASSWORD_ACTIVATED' => 'Your new password has been activated.', 'PASSWORD_RESET' => 'Your password has been successfully reset.', diff --git a/phpBB/phpbb/console/command/user/add.php b/phpBB/phpbb/console/command/user/add.php index c60a059251..303216a93d 100644 --- a/phpBB/phpbb/console/command/user/add.php +++ b/phpBB/phpbb/console/command/user/add.php @@ -239,7 +239,7 @@ class add extends command array('string', false, $this->config['min_name_chars'], $this->config['max_name_chars']), array('username', '')), 'new_password' => array( - array('string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']), + array('string', false, $this->config['min_pass_chars'], 0), array('password')), 'email' => array( array('string', false, 6, 60), diff --git a/phpBB/phpbb/db/migration/data/v330/remove_max_pass_chars.php b/phpBB/phpbb/db/migration/data/v330/remove_max_pass_chars.php new file mode 100644 index 0000000000..10e5ee385d --- /dev/null +++ b/phpBB/phpbb/db/migration/data/v330/remove_max_pass_chars.php @@ -0,0 +1,43 @@ + + * @license GNU General Public License, version 2 (GPL-2.0) + * + * For full copyright and license information, please see + * the docs/CREDITS.txt file. + * + */ + +namespace phpbb\db\migration\data\v330; + +class remove_max_pass_chars extends \phpbb\db\migration\migration +{ + public function effectively_installed() + { + return !$this->config->offsetExists('max_pass_chars'); + } + + public static function depends_on() + { + return [ + '\phpbb\db\migration\data\v330\dev', + ]; + } + + public function update_data() + { + return [ + ['config.remove', ['max_pass_chars']], + ]; + } + + public function revert_data() + { + return [ + ['config.add', ['max_pass_chars', 100]], + ]; + } +} diff --git a/phpBB/phpbb/ucp/controller/reset_password.php b/phpBB/phpbb/ucp/controller/reset_password.php index 666957b0dc..7bd1b20cb3 100644 --- a/phpBB/phpbb/ucp/controller/reset_password.php +++ b/phpBB/phpbb/ucp/controller/reset_password.php @@ -393,10 +393,10 @@ class reset_password ]; $check_data = [ 'new_password' => [ - ['string', false, $this->config['min_pass_chars'], $this->config['max_pass_chars']], + ['string', false, $this->config['min_pass_chars'], 0], ['password'], ], - 'password_confirm' => ['string', true, $this->config['min_pass_chars'], $this->config['max_pass_chars']], + 'password_confirm' => ['string', true, $this->config['min_pass_chars'], 0], ]; $errors = array_merge($errors, validate_data($data, $check_data)); if (strcmp($data['new_password'], $data['password_confirm']) !== 0) -- cgit v1.2.1