Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.0 > vBulletin 3.0 Beta Releases
set minimal length for password for pw-change Details »»
set minimal length for password for pw-change
Version: 1.00, by MrZeropage MrZeropage is offline
Developer Last Online: Mar 2023 Show Printable Version Email this Page

Version: 3.0.7 Rating:
Released: 04-07-2005 Last Update: Never Installs: 1
Is in Beta Stage  
No support by the author.

This little modification ensures that users use passwords with at least an amount of characters you define. This length is currently set to 8 characters but can be modified ofcourse.
If you want to change that length, just look at the PHP-code and the new phrase below, the corresponding places are marked green.

Thanks to Mystics for help with the javascript


open /profile.php

find
Code:
globalize($_POST, array('currentpassword' => STR, 'currentpassword_md5' => STR, 'newpassword' => STR, 'newpasswordconfirm' => STR, 'newpassword_md5' => STR, 'newpasswordconfirm_md5' => STR, 'email' => STR, 'emailconfirm' => STR));
and replace it with
Code:
globalize($_POST, array('currentpassword' => STR, 'currentpassword_md5' => STR, 'newpassword' => STR, 'newpasswordconfirm' => STR, 'newpassword_md5' => STR, 'newpasswordconfirm_md5' => STR, 'npwlength' => INT, 'email' => STR, 'emailconfirm' => STR));
find
Code:
if (!empty($newpassword) OR !empty($newpassword_md5))
above insert
Code:
 // ### Password-Security-Hack
if ($npwlength > 0 AND $npwlength <= 7) {
eval(print_standard_error('unsecurepassword'));
}
// ### End Password-Security-Hack
Now save your modified /profile.php


Edit the template modifypassword and replace all of it with the following code:
Code:
<script type="text/javascript" src="clientscript/vbulletin_md5.js"></script>
<script type="text/javascript">
function hash_passwords(currentpassword, currentpassword_md5, newpassword, newpassword_md5, newpasswordconfirm, newpasswordconfirm_md5, npwlength)
{
		npwlength.value = newpassword.value.length;
md5hash(currentpassword, currentpassword_md5);
// do various checks
if (newpassword.value != '')
{
md5hash(newpassword, newpassword_md5);
}
if (newpasswordconfirm.value != '')
{
md5hash(newpasswordconfirm, newpasswordconfirm_md5);
}
}
</script>
 
<form name="changepw" action="profile.php" method="post" onsubmit="hash_passwords(currentpassword, currentpassword_md5, newpassword, newpassword_md5, newpasswordconfirm, newpasswordconfirm_md5, npwlength)">
<input type="hidden" name="s" value="$session[sessionhash]" />
<input type="hidden" name="do" value="updatepassword" />
<input type="hidden" name="currentpassword_md5" />
<input type="hidden" name="newpassword_md5" />
<input type="hidden" name="newpasswordconfirm_md5" />
<input type="hidden" name="npwlength" />
 
<table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">
<tr>
<td class="tcat">$vbphrase[edit_email_and_password]</td>
</tr>
 
<tr>
<td class="panelsurround" align="center">
<div class="panel">
<div style="width:$stylevar[formwidth_usercp]" align="$stylevar[left]">
 
<if condition="$show['passwordexpired']">
<div class="smallfont">
	<strong>$vbphrase[current_password_expired]</strong>
</div>
</if>
 
<div class="fieldset">
<div>$vbphrase[enter_password_to_continue]:</div>
<div><input type="password" class="bginput" name="currentpassword" size="50" maxlength="50" /></div>
</div>
 
<fieldset class="fieldset">
<legend>$vbphrase[edit_password]<if condition="$show['password_optional']"> ($vbphrase[optional])</if></legend>
<table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0">
<tr>
	<td>
	 <div>$vbphrase[new_password]:</div>
	 <div><input type="password" class="bginput" name="newpassword" size="50" maxlength="50" /></div>
	</td>
</tr>
<tr>
	<td>
	 <div>$vbphrase[confirm_new_password]:</div>
	 <div><input type="password" class="bginput" name="newpasswordconfirm" size="50" maxlength="50" /></div>
	</td>
</tr>
</table>
</fieldset>
 
<fieldset class="fieldset">
<legend>$vbphrase[edit_email_address] ($vbphrase[optional])</legend>
<table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0">
<tr>
	<td>
	 <div>$vbphrase[new_email_address]:</div>
	 <div><input type="text" class="bginput" name="email" value="$bbuserinfo[email]" size="50" maxlength="50" /></div>
	</td>
</tr>
<tr>
	<td>
	 <div>$vbphrase[confirm_new_email_address]:</div>
	 <div><input type="text" class="bginput" name="emailconfirm" value="$bbuserinfo[email]" size="50" maxlength="50" /></div>
	</td>
</tr>
</table>
</fieldset>
 
</div>
</div>
 
<div style="margin-top:$stylevar[cellpadding]px">
<input type="submit" class="button" value="$vbphrase[save_changes]" accesskey="s" />
<input type="reset" class="button" value="$vbphrase[reset_fields]" accesskey="r" />
</div>
</td>
</tr>
</table>
 
</form>
Save that template.



Now enter the phrase-manager, select the phrase-type Front-End Error Messages and add a new phrase:

VARNAME: unsecurepassword
TEXT:
Code:
The password you chose does not fit our standard of security, please use a password with <b>at least 8 characters.</b><br><br>Click here to <a href="profile.php?$session[sessionurl]do=editpassword">change your password</a>.

That's all, you're done :smoke:

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 04-08-2005, 06:44 PM
nexialys
Guest
 
Posts: n/a
Default

red = green here, remember (we have a colorblind bbcode here!)
Reply With Quote
  #3  
Old 04-08-2005, 07:27 PM
nighteyes's Avatar
nighteyes nighteyes is offline
 
Join Date: Oct 2001
Posts: 130
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nice hack. How about applying this to registrations too?
Reply With Quote
  #4  
Old 04-08-2005, 08:17 PM
akanevsky akanevsky is offline
 
Join Date: Apr 2005
Posts: 3,972
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Err... No offsense, dude, but do you check your hacks before posting them?
You have both syntax and logic error in your hack...

Syntax error:
if ($npwlength > 0 AND $npwlength <= 7{

Don't you need a closing ')' before '{'???

Logic error:
It says:

if ($npwlength > 0 AND $npwlength <= 7{

If you want your password to be not less than 7 characters in length, then it logically follows that it will be more than 0 characters. Therefore, the first part of the condition does not make any sense.

A final, more valid, condition would be:

if ($npwlength <= 7) {

But anyway, this is a nice hack, and I am going to install it when you finish developing it
Reply With Quote
  #5  
Old 04-09-2005, 07:13 AM
Oblivion Knight's Avatar
Oblivion Knight Oblivion Knight is offline
 
Join Date: May 2002
Location: Sheffield, UK
Posts: 1,757
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

The $npwlength > 0 part of his condition is probably so that the default error message is shown if no password is entered, instead of this custom one about the password length..
Reply With Quote
  #6  
Old 04-09-2005, 12:18 PM
akanevsky akanevsky is offline
 
Join Date: Apr 2005
Posts: 3,972
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Oblivion Knight
In that case, it would be best to put this check into IF..ELSEIF, instead of two separate IF's. That would make it easier to understand.
Reply With Quote
  #7  
Old 04-09-2005, 01:46 PM
tehste tehste is offline
 
Join Date: Feb 2004
Posts: 221
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

its a hack so it is probably better putting it in a seperate if rather than to play around with vb core if,else structure... Is there a reason that you are checking if the length is less than or equal to seven? why not just use < 8?
Reply With Quote
  #8  
Old 04-09-2005, 01:53 PM
akanevsky akanevsky is offline
 
Join Date: Apr 2005
Posts: 3,972
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This is a simple if..else structure you are talking about here, so I don't think it will hurt making some intergration...
Reply With Quote
  #9  
Old 04-09-2005, 10:00 PM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Please post this in a text file so others can have it on an upgrade.
Reply With Quote
  #10  
Old 04-23-2005, 05:01 PM
MrZeropage's Avatar
MrZeropage MrZeropage is offline
 
Join Date: Nov 2003
Location: Munich, Germany
Posts: 3,012
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I updated the missing ) and named the color "green" ...
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:51 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05051 seconds
  • Memory Usage 2,290KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (6)bbcode_code
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (9)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete