From b5ee91b50e5fedcc423018ae2886b4cf3a7790e4 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sun, 10 Feb 2008 13:19:05 +0000 Subject: [PATCH] added password policy settings --- lam/help/help.inc | 2 ++ lam/lib/config.inc | 28 ++++++++++++++++- lam/templates/config/mainmanage.php | 48 +++++++++++++++++++++++++++++ 3 files changed, 77 insertions(+), 1 deletion(-) diff --git a/lam/help/help.inc b/lam/help/help.inc index 8335a847..68d07a6d 100644 --- a/lam/help/help.inc +++ b/lam/help/help.inc @@ -134,6 +134,8 @@ $helpArray = array ( "Text" => _("Here you can select where LAM should save its log messages. System logging will go to Syslog on Unix systems and event log on Windows. You can also select an extra file.")), "241" => array ("Headline" => _("Allowed hosts"), "Text" => _("This is a list of IP addresses from hosts who may access LAM. You can use \"*\" as wildcard (e.g. 192.168.0.*).")), + "242" => array ("Headline" => _("Password policy"), + "Text" => _("Here you can specify minimum requirements for passwords. The character classes are: lowercase, uppercase, numeric and symbols.")), "250" => array ("Headline" => _("Account lists - Filters"), "Text" => _("Here you can input small filter expressions (e.g. 'value' or 'v*'). LAM will filter case-insensitive.")), // 300 - 399 diff --git a/lam/lib/config.inc b/lam/lib/config.inc index d36c841c..0bab5666 100644 --- a/lam/lib/config.inc +++ b/lam/lib/config.inc @@ -898,10 +898,30 @@ class LAMCfgMain { /** list of hosts which may access LAM */ public $allowedHosts; + + /** minimum length for passwords */ + public $passwordMinLength = 0; + + /** minimum uppercase characters */ + public $passwordMinUpper = 0; + + /** minimum lowercase characters */ + public $passwordMinLower = 0; + + /** minimum numeric characters */ + public $passwordMinNumeric = 0; + + /** minimum symbol characters */ + public $passwordMinSymbol = 0; + + /** minimum character classes (upper, lower, numeric, symbols) */ + public $passwordMinClasses = 0; /** list of data fields to save in config file */ private $settings = array("password", "default", "sessionTimeout", - "logLevel", "logDestination", "allowedHosts"); + "logLevel", "logDestination", "allowedHosts", "passwordMinLength", + "passwordMinUpper", "passwordMinLower", "passwordMinNumeric", + "passwordMinClasses", "passwordMinSymbol"); /** * Loads preferences from config file @@ -981,6 +1001,12 @@ class LAMCfgMain { if (!in_array("logLevel", $saved)) array_push($file_array, "\n\n# log level\n" . "logLevel: " . $this->logLevel); if (!in_array("logDestination", $saved)) array_push($file_array, "\n\n# log destination\n" . "logDestination: " . $this->logDestination); if (!in_array("allowedHosts", $saved)) array_push($file_array, "\n\n# list of hosts which may access LAM\n" . "allowedHosts: " . $this->allowedHosts); + if (!in_array("passwordMinLength", $saved)) array_push($file_array, "\n\n# Password: minimum password length\n" . "passwordMinLength: " . $this->passwordMinLength); + if (!in_array("passwordMinUpper", $saved)) array_push($file_array, "\n\n# Password: minimum uppercase characters\n" . "passwordMinUpper: " . $this->passwordMinUpper); + if (!in_array("passwordMinLower", $saved)) array_push($file_array, "\n\n# Password: minimum lowercase characters\n" . "passwordMinLower: " . $this->passwordMinLower); + if (!in_array("passwordMinNumeric", $saved)) array_push($file_array, "\n\n# Password: minimum numeric characters\n" . "passwordMinNumeric: " . $this->passwordMinNumeric); + if (!in_array("passwordMinSymbol", $saved)) array_push($file_array, "\n\n# Password: minimum symbolic characters\n" . "passwordMinSymbol: " . $this->passwordMinSymbol); + if (!in_array("passwordMinClasses", $saved)) array_push($file_array, "\n\n# Password: minimum character classes (0-4)\n" . "passwordMinClasses: " . $this->passwordMinClasses); $file = @fopen($conffile, "w"); if ($file) { for ($i = 0; $i < sizeof($file_array); $i++) fputs($file, $file_array[$i]); diff --git a/lam/templates/config/mainmanage.php b/lam/templates/config/mainmanage.php index 829b17a2..b980fc64 100644 --- a/lam/templates/config/mainmanage.php +++ b/lam/templates/config/mainmanage.php @@ -122,6 +122,13 @@ if ($_POST['submit']) { } else $errors[] = _("The log file is empty or contains invalid characters! Valid characters are: a-z, A-Z, 0-9, /, \\, ., :, _ and -."); } + // password policies + $cfg->passwordMinLength = $_POST['passwordMinLength']; + $cfg->passwordMinLower = $_POST['passwordMinLower']; + $cfg->passwordMinUpper = $_POST['passwordMinUpper']; + $cfg->passwordMinNumeric = $_POST['passwordMinNumeric']; + $cfg->passwordMinSymbol = $_POST['passwordMinSymbol']; + $cfg->passwordMinClasses = $_POST['passwordMinClasses']; // save settings $cfg->save(); // print messages @@ -195,6 +202,47 @@ if ($_POST['submit']) {
+
+ +
+ + \n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + } + ?> +
\n"; + echo $options[$i][1] . "  "; + echo "\n"; + echo "\n"; + echo "\n"; + echo ""; + echo "\"""; + echo "\n"; + echo "
+
+
+