The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
set minimal length for password for pw-change Details »» | |||||||||||||||||||||||||||
set minimal length for password for pw-change
Developer Last Online: Mar 2023
This little modification ensures that users use passwords with at least an amount of characters you define. This length is currently set to 8 characters but can be modified ofcourse.
If you want to change that length, just look at the PHP-code and the new phrase below, the corresponding places are marked green. Thanks to Mystics for help with the javascript open /profile.php find Code:
globalize($_POST, array('currentpassword' => STR, 'currentpassword_md5' => STR, 'newpassword' => STR, 'newpasswordconfirm' => STR, 'newpassword_md5' => STR, 'newpasswordconfirm_md5' => STR, 'email' => STR, 'emailconfirm' => STR)); Code:
globalize($_POST, array('currentpassword' => STR, 'currentpassword_md5' => STR, 'newpassword' => STR, 'newpasswordconfirm' => STR, 'newpassword_md5' => STR, 'newpasswordconfirm_md5' => STR, 'npwlength' => INT, 'email' => STR, 'emailconfirm' => STR)); Code:
if (!empty($newpassword) OR !empty($newpassword_md5)) Code:
// ### Password-Security-Hack if ($npwlength > 0 AND $npwlength <= 7) { eval(print_standard_error('unsecurepassword')); } // ### End Password-Security-Hack Edit the template modifypassword and replace all of it with the following code: Code:
<script type="text/javascript" src="clientscript/vbulletin_md5.js"></script> <script type="text/javascript"> function hash_passwords(currentpassword, currentpassword_md5, newpassword, newpassword_md5, newpasswordconfirm, newpasswordconfirm_md5, npwlength) { npwlength.value = newpassword.value.length; md5hash(currentpassword, currentpassword_md5); // do various checks if (newpassword.value != '') { md5hash(newpassword, newpassword_md5); } if (newpasswordconfirm.value != '') { md5hash(newpasswordconfirm, newpasswordconfirm_md5); } } </script> <form name="changepw" action="profile.php" method="post" onsubmit="hash_passwords(currentpassword, currentpassword_md5, newpassword, newpassword_md5, newpasswordconfirm, newpasswordconfirm_md5, npwlength)"> <input type="hidden" name="s" value="$session[sessionhash]" /> <input type="hidden" name="do" value="updatepassword" /> <input type="hidden" name="currentpassword_md5" /> <input type="hidden" name="newpassword_md5" /> <input type="hidden" name="newpasswordconfirm_md5" /> <input type="hidden" name="npwlength" /> <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center"> <tr> <td class="tcat">$vbphrase[edit_email_and_password]</td> </tr> <tr> <td class="panelsurround" align="center"> <div class="panel"> <div style="width:$stylevar[formwidth_usercp]" align="$stylevar[left]"> <if condition="$show['passwordexpired']"> <div class="smallfont"> <strong>$vbphrase[current_password_expired]</strong> </div> </if> <div class="fieldset"> <div>$vbphrase[enter_password_to_continue]:</div> <div><input type="password" class="bginput" name="currentpassword" size="50" maxlength="50" /></div> </div> <fieldset class="fieldset"> <legend>$vbphrase[edit_password]<if condition="$show['password_optional']"> ($vbphrase[optional])</if></legend> <table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0"> <tr> <td> <div>$vbphrase[new_password]:</div> <div><input type="password" class="bginput" name="newpassword" size="50" maxlength="50" /></div> </td> </tr> <tr> <td> <div>$vbphrase[confirm_new_password]:</div> <div><input type="password" class="bginput" name="newpasswordconfirm" size="50" maxlength="50" /></div> </td> </tr> </table> </fieldset> <fieldset class="fieldset"> <legend>$vbphrase[edit_email_address] ($vbphrase[optional])</legend> <table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0"> <tr> <td> <div>$vbphrase[new_email_address]:</div> <div><input type="text" class="bginput" name="email" value="$bbuserinfo[email]" size="50" maxlength="50" /></div> </td> </tr> <tr> <td> <div>$vbphrase[confirm_new_email_address]:</div> <div><input type="text" class="bginput" name="emailconfirm" value="$bbuserinfo[email]" size="50" maxlength="50" /></div> </td> </tr> </table> </fieldset> </div> </div> <div style="margin-top:$stylevar[cellpadding]px"> <input type="submit" class="button" value="$vbphrase[save_changes]" accesskey="s" /> <input type="reset" class="button" value="$vbphrase[reset_fields]" accesskey="r" /> </div> </td> </tr> </table> </form> Now enter the phrase-manager, select the phrase-type Front-End Error Messages and add a new phrase: VARNAME: unsecurepassword TEXT: Code:
The password you chose does not fit our standard of security, please use a password with <b>at least 8 characters.</b><br><br>Click here to <a href="profile.php?$session[sessionurl]do=editpassword">change your password</a>. That's all, you're done :smoke: Show Your Support
|
Comments |
#2
|
|||
|
|||
red = green here, remember (we have a colorblind bbcode here!)
|
#3
|
||||
|
||||
Nice hack. How about applying this to registrations too?
|
#4
|
|||
|
|||
Err... No offsense, dude, but do you check your hacks before posting them?
You have both syntax and logic error in your hack... Syntax error: if ($npwlength > 0 AND $npwlength <= 7{ Don't you need a closing ')' before '{'??? Logic error: It says: if ($npwlength > 0 AND $npwlength <= 7{ If you want your password to be not less than 7 characters in length, then it logically follows that it will be more than 0 characters. Therefore, the first part of the condition does not make any sense. A final, more valid, condition would be: if ($npwlength <= 7) { But anyway, this is a nice hack, and I am going to install it when you finish developing it |
#5
|
||||
|
||||
The $npwlength > 0 part of his condition is probably so that the default error message is shown if no password is entered, instead of this custom one about the password length..
|
#6
|
|||
|
|||
Oblivion Knight
In that case, it would be best to put this check into IF..ELSEIF, instead of two separate IF's. That would make it easier to understand. |
#7
|
|||
|
|||
its a hack so it is probably better putting it in a seperate if rather than to play around with vb core if,else structure... Is there a reason that you are checking if the length is less than or equal to seven? why not just use < 8?
|
#8
|
|||
|
|||
This is a simple if..else structure you are talking about here, so I don't think it will hurt making some intergration...
|
#9
|
||||
|
||||
Please post this in a text file so others can have it on an upgrade.
|
#10
|
||||
|
||||
I updated the missing ) and named the color "green" ...
|
Thread Tools | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|