mirror of https://github.com/MISP/MISP
Fix to an invalid default password complexity validation, fixes #585
parent
1fec658350
commit
468bced3b4
|
@ -680,7 +680,7 @@ class Server extends AppModel {
|
|||
),
|
||||
'password_policy_complexity' => array(
|
||||
'level' => 2,
|
||||
'description' => 'Password complexity requirement. Leave it empty for the default setting (3 out of 4, with either a digit or a special char) or enter your own regex. Keep in mind that the length is checked in another key. Example (simple 4 out of 4): /(?=.*[0-9])(?=.*[!@#$%^&*_-])(?=.*[A-Z])(?=.*[a-z]).*$/',
|
||||
'description' => 'Password complexity requirement. Leave it empty for the default setting (3 out of 4, with either a digit or a special char) or enter your own regex. Keep in mind that the length is checked in another key. Example (simple 4 out of 4): /((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$/',
|
||||
'value' => '',
|
||||
'errorMessage' => '',
|
||||
'test' => 'testPasswordRegex',
|
||||
|
|
|
@ -332,7 +332,7 @@ class User extends AppModel {
|
|||
If Security.password_policy_complexity is set and valid, use the regex provided.
|
||||
*/
|
||||
$regex = Configure::read('Security.password_policy_complexity');
|
||||
if (empty($regex) || @preg_match($regex, 'test') === false) $regex = '/((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$/';
|
||||
if (empty($regex) || @preg_match($regex, 'test') === false) $regex = '/((?=.*\d)|(?=.*\W+))(?![\n])(?=.*[A-Z])(?=.*[a-z]).*$/';
|
||||
$value = array_values($check);
|
||||
$value = $value[0];
|
||||
return preg_match($regex, $value);
|
||||
|
|
Loading…
Reference in New Issue