RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1507 from xisi/security-js-pwstrength

Browse Source 
Simple javascript password strength/match
This commit is contained in:
Sebastian Grewe 2014-01-21 00:04:18 -08:00
commit 0edd964930
5 changed files with 89 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
public/include/pages/login.inc.php
View File

@ -48,7 +48,7 @@ if ($setting->getValue('maintenance') && !$user->isAdmin($user->getUserId($_POST
}
}
// Check if recaptcha is enabled, process form data if valid
if (($setting->getValue('recaptcha_enabled') != 1 || $setting->getValue('recaptcha_enabled_logins') != 1 || $rsp->is_valid) && ($nocsrf == 1 || (!$config['csrf']['enabled'] || !$config['csrf']['forms']['login']))) {
if (($setting->getValue('recaptcha_enabled') != 1 || $setting->getValue('recaptcha_enabled_logins') != 1 || $rsp->is_valid) && ($nocsrf == 1 || (!$config['csrf']['enabled'] || in_array('login', $config['csrf']['disabled_forms'])))) {
if ($user->checkLogin(@$_POST['username'], @$_POST['password']) ) {
empty($_POST['to']) ? $to = $_SERVER['SCRIPT_NAME'] : $to = $_POST['to'];
$port = ($_SERVER["SERVER_PORT"] == "80" or $_SERVER["SERVER_PORT"] == "443") ? "" : (":".$_SERVER["SERVER_PORT"]);

78
public/site_assets/mpos/js/pwcheck.js Normal file
View File

@ -0,0 +1,78 @@
function scorePassword(pass) {
var score = 0;
if (!pass)
return score;
var letters = new Object();
for (var i=0; i<pass.length; i++) {
letters[pass[i]] = (letters[pass[i]] || 0) + 1;
score += 5.0 / letters[pass[i]];
}
var variations = {
digits: /\d/.test(pass),
lower: /[a-z]/.test(pass),
upper: /[A-Z]/.test(pass),
nonWords: /\W/.test(pass),
spChars: /!@#\$%\^\&*\)\(+=._-/.test(pass),
}
variationCount = 0;
for (var check in variations) {
variationCount += (variations[check] == true) ? 1 : 0;
}
score += (variationCount - 1) * 10;
return parseInt(score);
}
function checkPassStrength(pass) {
var score = scorePassword(pass);
if (score >= 80)
return "Excellent";
if (score >= 70)
return "Strong";
if (score >= 50)
return "Good";
if (score >= 40)
return "Weak";
if (score >= 10)
return "Very weak";
if (score < 10 && score > 1)
return "Extremely weak";
return "";
}
function getStrengthColor(pass) {
var score = scorePassword(pass)
if (score >= 80)
return "#390"
if (score >= 70)
return "#3C0"
if (score >= 50)
return "#399"
if (score >= 40)
return "#F60"
if (score >= 10)
return "#E00"
if (score < 10)
return "#C00"
return "#999"
}
function checkIfPasswordsMatch() {
var pwMatch = document.getElementById('pw_match');
var field1 = document.getElementById('pw_field').value;
var field2 = document.getElementById('pw_field2').value;
if (field1 == field2 && field1 !== "" && field2 !== "") {
pwMatch.innerHTML = "Passwords match!";
pwMatch.style.color = "#390";
} else if (field1 == "" || field2 == ""){
pwMatch.innerHTML = "";
} else {
pwMatch.innerHTML = "Passwords don't match!";
pwMatch.style.color = "#399";
}
}
$(document).ready(function() {
$("#pw_field,#pw_field2").on("keypress keyup keydown", function() {
var fieldValue = document.getElementById('pw_field').value;
var pwStrength = document.getElementById('pw_strength');
pwStrength.innerHTML = checkPassStrength(fieldValue);
pwStrength.style.color = getStrengthColor(fieldValue);
checkIfPasswordsMatch();
});
});

6
public/templates/mpos/account/edit/default.tpl
View File

@ -144,11 +144,13 @@
</fieldset>
<fieldset>
<label>New Password</label>
{nocache}<input type="password" name="newPassword" {if $GLOBAL.twofactor.enabled && $GLOBAL.twofactor.options.changepw && !$CHANGEPASSUNLOCKED}disabled{/if}/>{/nocache}
<p style="padding-right:10px;display:block;margin-top:0px;float:right;color:#999;" id="pw_strength"></p>
{nocache}<input type="password" name="newPassword" id="pw_field"{if $GLOBAL.twofactor.enabled && $GLOBAL.twofactor.options.changepw && !$CHANGEPASSUNLOCKED}disabled{/if}/>{/nocache}
</fieldset>
<fieldset>
<label>Repeat New Password</label>
{nocache}<input type="password" name="newPassword2" {if $GLOBAL.twofactor.enabled && $GLOBAL.twofactor.options.changepw && !$CHANGEPASSUNLOCKED}disabled{/if}/>{/nocache}
<p style="padding-right:10px;display:block;margin-top:0px;float:right;" id="pw_match"></p>
{nocache}<input type="password" name="newPassword2" id="pw_field2"{if $GLOBAL.twofactor.enabled && $GLOBAL.twofactor.options.changepw && !$CHANGEPASSUNLOCKED}disabled{/if}/>{/nocache}
</fieldset>
<fieldset>
<label>4 digit PIN</label>

2
public/templates/mpos/master.tpl
View File

@ -29,7 +29,7 @@
<script type="text/javascript" src="{$PATH}/js/tinybox.js"></script>
<script type="text/javascript" src="{$PATH}/../global/js/number_format.js"></script>
<!--[if IE]><script type="text/javascript" src="{$PATH}/js/excanvas.js"></script><![endif]-->
<script type="text/javascript" src="{$PATH}/js/pwcheck.js"></script>
{if $GLOBAL.statistics.analytics.enabled}
{$GLOBAL.statistics.analytics.code nofilter}
{/if}

8
public/templates/mpos/register/default.tpl
View File

@ -14,10 +14,12 @@
<input type="text" class="text tiny" name="username" value="{$smarty.post.username|escape|default:""}" size="15" maxlength="20" required>
</fieldset>
<fieldset>
<label>Password</label>
<input type="password" class="text tiny" name="password1" value="" size="15" maxlength="100" required>
<label>Password</label>
<p style="padding-right:10px;display:block;margin-top:0px;float:right;color:#999;" id="pw_strength">Strength</p>
<input type="password" class="text tiny" name="password1" value="" size="15" maxlength="100" id="pw_field" required>
<label>Repeat Password</label>
<input type="password" class="text tiny" name="password2" value="" size="15" maxlength="100" required>
<p style="padding-right:10px;display:block;margin-top:0px;float:right;" id="pw_match"></p>
<input type="password" class="text tiny" name="password2" value="" size="15" maxlength="100" id="pw_field2" required>
</fieldset>
<fieldset>
<label>Email</label>