Subversion Repositories ALCASAR

Compare Revisions

Problem with comparison.

Ignore whitespace Rev HEAD → Rev 1831

/web/pass/sql/drivers/mysql/functions.php
0,0 → 1,136
<?php
function da_sql_limit($limit,$point,$config)
{
switch($point){
case 0:
return '';
case 1:
return '';
//modif by MG for Alcasar
case 2:
return "LIMIT $limit";
case 3:
return "LIMIT $limit";
}
}
 
function da_sql_host_connect($server,$config)
{
if ($config[sql_use_http_credentials] == 'yes'){
global $HTTP_SERVER_VARS;
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
}
else{
$SQL_user = $config[sql_username];
$SQL_passwd = $config[sql_password];
}
 
if ($config[sql_connect_timeout] != 0)
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
if ($config[sql_debug] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
return @mysql_connect("$server:$config[sql_port]",$SQL_user,$SQL_passwd);
}
 
function da_sql_connect($config)
{
if ($config[sql_use_http_credentials] == 'yes'){
global $HTTP_SERVER_VARS;
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
}
else{
$SQL_user = $config[sql_username];
$SQL_passwd = $config[sql_password];
}
 
if ($config[sql_connect_timeout] != 0)
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
if ($config[sql_debug] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
return @mysql_connect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd);
}
 
function da_sql_pconnect($config)
{
if ($config[sql_use_http_credentials] == 'yes'){
global $HTTP_SERVER_VARS;
$SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
$SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
}
else{
$SQL_user = $config[sql_username];
$SQL_passwd = $config[sql_password];
}
 
if ($config[sql_connect_timeout] != 0)
@ini_set('mysql.connect_timeout',$config[sql_connect_timeout]);
if ($config[sql_debug] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Connect: User=$SQL_user,Password=$SQL_passwd </b><br>\n";
return @mysql_pconnect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd);
}
 
function da_sql_close($link,$config)
{
return @mysql_close($link);
}
 
function da_sql_escape_string($string)
{
return @mysql_real_escape_string($string);
}
 
function da_sql_query($link,$config,$query)
{
if ($config[sql_debug] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Query: <i>$query</i></b><br>\n";
return @mysql_db_query($config[sql_database],$query,$link);
}
 
function da_sql_num_rows($result,$config)
{
if ($config[sql_debug] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Num rows:: " . @mysql_num_rows($result) . "</b><br>\n";
return @mysql_num_rows($result);
}
 
function da_sql_fetch_array($result,$config)
{
$row = array_change_key_case(@mysql_fetch_array($result,
MYSQL_ASSOC),CASE_LOWER);
if ($config[sql_debug] == 'true'){
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: <pre>";
print_r($row);
print "</b></pre>\n";
}
return $row;
}
 
function da_sql_affected_rows($link,$result,$config)
{
if ($config[sql_debug] == 'true')
print "<b>DEBUG(SQL,MYSQL DRIVER): Query Result: Affected rows:: " . @mysql_affected_rows($result) . "</b><br>\n";
return @mysql_affected_rows($link);
}
 
function da_sql_list_fields($table,$link,$config)
{
return @mysql_list_fields($config[sql_database],$table);
}
 
function da_sql_num_fields($fields,$config)
{
return @mysql_num_fields($fields);
}
 
function da_sql_field_name($fields,$num,$config)
{
return @mysql_field_name($fields,$num);
}
 
function da_sql_error($link,$config)
{
return @mysql_error($link);
}
?>
/web/pass/crypt/crypt.php
0,0 → 1,20
<?php
function da_encrypt()
{
$numargs=func_num_args();
$passwd=func_get_arg(0);
if ($numargs == 2){ //only to test or change password (keep the old algorythm and salt)
$salt=func_get_arg(1);
return crypt($passwd,$salt);
}
# set the salt and the algorithm
$shuf = substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"),0,8);
# hash md5 > empreinte du mot de passe sur 22 caracteres
//$salt='$1'.'$'.$shuf.'$';
# hash sha-256 > empreinte du mot de passe sur 43 caracteres
$salt='$5'.'$'.$shuf.'$';
# hash sha-512 > empreinte du mot de passe sur 86 caracteres
#$salt='$6'.'$'.$shuf.'$';
return crypt($passwd,$salt);
}
?>
/web/pass/crypt/md5.php
0,0 → 1,6
<?php
function da_encrypt($passwd)
{
return md5($passwd);
}
?>
/web/pass/crypt/clear.php
0,0 → 1,6
<?php
function da_encrypt($passwd)
{
return $passwd;
}
?>
/web/pass/index.php
0,0 → 1,380
<?php
# change user password on Alcasar captive Portal
# Copyright (C) 2003, 2004 Mondru AB.
# Copyright (C) 2008-2009 ANGEL95 & REXY
 
 
 
require('/etc/freeradius-web/config.php');
 
$current_page = $_SERVER['PHP_SELF'];
 
# Choice of language
$Language = 'en';
if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);
$Language = strtolower(substr(chop($Langue[0]),0,2)); }
if($Language == 'es'){
$R_title = "User password change";
$R_form_l1 = "User";
$R_form_l2 = "Old password";
$R_form_l3 = "New password";
$R_form_l4 = "New password (confirmation)";
$R_eval_pass = "Score :";
$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
$R_form_button_valid = "Modify";
$R_form_button_retour = "Cancel";
$R_form_result1 = "Your password has been successfuly changed";
$R_form_result2 = "Error when trying to change password";
$R_retour = "ALCASAR home page";}
else if ($Language == 'pt'){
$R_title = "Alteração de senha do usuário";
$R_form_l1 = "Usuário";
$R_form_l2 = "Senha antiga";
$R_form_l3 = "Nova senha";
$R_form_l4 = "Nova senha (confirmação)";
$R_eval_pass = "Resultado:";
$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
$R_form_button_valid = "Modificar";
$R_form_button_retour = "Cancelar";
$R_form_result1 = "Sua senha foi alterada com sucesso";
$R_form_result2 = "Erro ao tentar alterar a senha";
$R_retour = "Home page Alcasar";}
else if($Language == 'de'){
$R_title = "User password change";
$R_form_l1 = "User";
$R_form_l2 = "Old password";
$R_form_l3 = "New password";
$R_form_l4 = "New password (confirmation)";
$R_eval_pass = "Score :";
$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
$R_form_button_valid = "Modify";
$R_form_button_retour = "Cancel";
$R_form_result1 = "Your password has been successfuly changed";
$R_form_result2 = "Error when trying to change password";
$R_retour = "ALCASAR home page";}
else if($Language == 'nl'){
$R_title = "User password change";
$R_form_l1 = "User";
$R_form_l2 = "Old password";
$R_form_l3 = "New password";
$R_form_l4 = "New password (confirmation)";
$R_eval_pass = "Score :";
$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
$R_form_button_valid = "Modify";
$R_form_button_retour = "Cancel";
$R_form_result1 = "Your password has been successfuly changed";
$R_form_result2 = "Error when trying to change password";
$R_retour = "ALCASAR home page";}
else if($Language == 'fr'){
$R_title = "Changement de mot de passe utilisateur";
$R_form_l1 = "Utilisateur :";
$R_form_l2 = "Ancien mot de passe :";
$R_form_l3 = "Nouveau mot de passe :";
$R_form_l4 = "Nouveau mot de passe (confirmation) :";
$R_eval_pass = "";
$R_passwordmeter = "Propulsé par 'Shibbo Password Analyser'</a>";
$R_form_button_valid = "Modifier";
$R_form_button_retour = "Annuler";
$R_form_result1 = "Votre mot de passe a &eacute;t&eacute; modifi&eacute; avec succ&egrave;s";
$R_form_result2 = "Erreur de changement de mot de passe";
$R_retour = "Retour &agrave; la page d'accueil ALCASAR";}
else {
$R_title = "User password change";
$R_form_l1 = "User";
$R_form_l2 = "Old password";
$R_form_l3 = "New password";
$R_form_l4 = "New password (confirmation)";
$R_eval_pass = "Score :";
$R_passwordmeter = "Powered by 'Shibbo Password Analyser'</a>";
$R_form_button_valid = "Modify";
$R_form_button_retour = "Cancel";
$R_form_result1 = "Your password has been successfuly changed";
$R_form_result2 = "Error when trying to change password";
$R_retour = "ALCASAR home page";
}
echo "
<html>
<head>
<title>$R_title</title>
<meta http-equiv=\"Cache-control\" content=\"no-cache\">
<meta http-equiv=\"Pragma\" content=\"no-cache\">
<link rel=\"stylesheet\" href=\"../css/pass.css\" type=\"text/css\">
<link type=\"text/css\" href=\"../css/pwdmeter.css\" media=\"screen\" rel=\"stylesheet\" />
<!--[if lt IE 7]>
<link type=\"text/css\" href=\"../css/ie.css\" media=\"screen\" rel=\"stylesheet\" />
<![endif]-->
<script type=\"text/javascript\" src=\"js/pwdmeter.js\" language=\"javascript\"></script>
</head>
<body>
<div id=\"page\">
<div id=\"block_pass\">
<div id=\"pass_chg\">
<img src=\"../images/organisme.png\" />
<h1 id=\"titre_pass\">$R_title</h1>
</div>
<div id=\"pass_chg_content\">
<form name=\"master\" action=\"$current_page\" method=\"post\">
<input type=hidden name=action value=checkpass>
<table id=\"champs_pass\">
<tr>
<td class=\"first_item\">$R_form_l1</td>
<td><input type=\"text\" name=\"login\" value=\"\" label=\"test\"></td>
</tr>
<tr>
<td class=\"first_item\">$R_form_l2</td>
<td><input type=\"password\" name=\"passwd\" value=\"\"></td>
</tr>
<tr>
<td class=\"first_item\">$R_form_l3</td>
<td>
<input type=\"password\" name=\"newpasswd\" id=\"passwordPwd\" value=\"\" autocomplete=\"off\" onkeyup=\"chkPass(this.value);\" />
<input type=\"text\" id=\"passwordTxt\" name=\"passwordTxt\" autocomplete=\"off\" onkeyup=\"chkPass(this.value);\" class=\"hide\" />
</td>
</tr>
<tr>
<td class=\"first_item\">$R_eval_pass</td>
<td>
<div id=\"scorebarBorder\">
<div id=\"score\">0%</div>
<div id=\"scorebar\">&nbsp;</div>
</div>
<div id=\"complexity\"></div>
</td>
</tr>
<tr>
<td colspan=\"2\" id=\"lien_pass\">$R_passwordmeter</td>
</tr>
<tr>
<td class=\"first_item\">$R_form_l4</td>
<td><input type=\"password\" name=\"newpasswd2\" value=\"\"></td>
</tr>
</table>
<input type=\"submit\" class=\"btn_form\" id=\"btn_pass\" value=\"$R_form_button_valid\">
<input type=\"button\" class=\"btn_form\" id=\"btn_retour\" value=\"$R_form_button_retour\" onclick=\"location.replace('http://alcasar');\">
</div>
</div>
<div id=\"info_pass\">
<table id=\"tablePwdStatus\" cellpadding=\"5\" cellspacing=\"1\" border=\"0\">
<tr>
<th colspan=\"2\">Additions</th>
<th class=\"txtCenter\">Type</th>
<th class=\"txtCenter\">Rate</th>
<th class=\"txtCenter\">Count</th>
<th class=\"txtCenter\">Bonus</th>
</tr>
<tr>
<td width=\"1%\"><div id=\"div_nLength\" class=\"fail\">&nbsp;</div></td>
<td width=\"94%\">Number of Characters</td>
<td width=\"1%\" class=\"txtCenter\">Flat</td>
<td width=\"1%\" class=\"txtCenter italic\">+(n*4)</td>
<td width=\"1%\"><div id=\"nLength\" class=\"box\">&nbsp;</div></td>
<td width=\"1%\"><div id=\"nLengthBonus\" class=\"boxPlus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nAlphaUC\" class=\"fail\">&nbsp;</div></td>
<td>Uppercase Letters</td>
<td class=\"txtCenter\">Cond/Incr</td>
<td nowrap=\"nowrap\" class=\"txtCenter italic\">+((len-n)*2)</td>
<td><div id=\"nAlphaUC\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nAlphaUCBonus\" class=\"boxPlus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nAlphaLC\" class=\"fail\">&nbsp;</div></td>
<td>Lowercase Letters</td>
<td class=\"txtCenter\">Cond/Incr</td>
<td class=\"txtCenter italic\">+((len-n)*2)</td>
<td><div id=\"nAlphaLC\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nAlphaLCBonus\" class=\"boxPlus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nNumber\" class=\"fail\">&nbsp;</div></td>
<td>Numbers</td>
<td class=\"txtCenter\">Cond</td>
<td class=\"txtCenter italic\">+(n*4)</td>
<td><div id=\"nNumber\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nNumberBonus\" class=\"boxPlus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nSymbol\" class=\"fail\">&nbsp;</div></td>
<td>Symbols</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">+(n*6)</td>
<td><div id=\"nSymbol\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nSymbolBonus\" class=\"boxPlus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nMidChar\" class=\"fail\">&nbsp;</div></td>
<td>Middle Numbers or Symbols</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">+(n*2)</td>
<td><div id=\"nMidChar\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nMidCharBonus\" class=\"boxPlus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nRequirements\" class=\"fail\">&nbsp;</div></td>
<td>Requirements</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">+(n*2)</td>
<td><div id=\"nRequirements\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nRequirementsBonus\" class=\"boxPlus\">&nbsp;</div></td>
</tr>
<tr>
<th colspan=\"6\">Deductions</th>
</tr>
<tr>
<td width=\"1%\"><div id=\"div_nAlphasOnly\" class=\"pass\">&nbsp;</div></td>
<td width=\"94%\">Letters Only</td>
<td width=\"1%\" class=\"txtCenter\">Flat</td>
<td width=\"1%\" class=\"txtCenter italic\">-n</td>
<td width=\"1%\"><div id=\"nAlphasOnly\" class=\"box\">&nbsp;</div></td>
<td width=\"1%\"><div id=\"nAlphasOnlyBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nNumbersOnly\" class=\"pass\">&nbsp;</div></td>
<td>Numbers Only</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">-n</td>
<td><div id=\"nNumbersOnly\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nNumbersOnlyBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nRepChar\" class=\"pass\">&nbsp;</div></td>
<td>Repeat Characters (Case Insensitive)</td>
<td class=\"txtCenter\">Comp</td>
<td nowrap=\"nowrap\" class=\"txtCenter italic\"> - </td>
<td><div id=\"nRepChar\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nRepCharBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nConsecAlphaUC\" class=\"pass\">&nbsp;</div></td>
<td>Consecutive Uppercase Letters</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">-(n*2)</td>
<td><div id=\"nConsecAlphaUC\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nConsecAlphaUCBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nConsecAlphaLC\" class=\"pass\">&nbsp;</div></td>
<td>Consecutive Lowercase Letters</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">-(n*2)</td>
<td><div id=\"nConsecAlphaLC\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nConsecAlphaLCBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nConsecNumber\" class=\"pass\">&nbsp;</div></td>
<td>Consecutive Numbers</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">-(n*2)</td>
<td><div id=\"nConsecNumber\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nConsecNumberBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nSeqAlpha\" class=\"pass\">&nbsp;</div></td>
<td>Sequential Letters (3+)</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">-(n*3)</td>
<td><div id=\"nSeqAlpha\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nSeqAlphaBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nSeqNumber\" class=\"pass\">&nbsp;</div></td>
<td>Sequential Numbers (3+)</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">-(n*3)</td>
<td><div id=\"nSeqNumber\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nSeqNumberBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<td><div id=\"div_nSeqSymbol\" class=\"pass\">&nbsp;</div></td>
<td>Sequential Symbols (3+)</td>
<td class=\"txtCenter\">Flat</td>
<td class=\"txtCenter italic\">-(n*3)</td>
<td><div id=\"nSeqSymbol\" class=\"box\">&nbsp;</div></td>
<td><div id=\"nSeqSymbolBonus\" class=\"boxMinus\">&nbsp;</div></td>
</tr>
<tr>
<th colspan=\"6\">Legend</th>
</tr>
<tr>
<td colspan=\"6\">
<ul id=\"listLegend\">
<li><div class=\"exceed imgLegend\">&nbsp;</div> <span class=\"bold\">Exceptional:</span> Exceeds minimum standards. Additional bonuses are applied.</li>
<li><div class=\"pass imgLegend\">&nbsp;</div> <span class=\"bold\">Sufficient:</span> Meets minimum standards. Additional bonuses are applied.</li>
<li><div class=\"warn imgLegend\">&nbsp;</div> <span class=\"bold\">Warning:</span> Advisory against employing bad practices. Overall score is reduced.</li>
<li><div class=\"fail imgLegend\">&nbsp;</div> <span class=\"bold\">Failure:</span> Does not meet the minimum standards. Overall score is reduced.</li>
</ul>
</td>
</tr>
</table>
<table id=\"tablePwdNotes\" cellpadding=\"5\" cellspacing=\"1\" border=\"0\">
<tr>
<th>Quick Footnotes</th>
</tr>
<tr>
<td>
&bull; <strong>Flat:</strong> Rates that add/remove in non-changing increments.<br />
&bull; <strong>Incr:</strong> Rates that add/remove in adjusting increments.<br />
&bull; <strong>Cond:</strong> Rates that add/remove depending on additional factors.<br />
&bull; <strong>Comp:</strong> Rates that are too complex to summarize. See source code for details.<br />
&bull; <strong>n:</strong> Refers to the total number of occurrences.<br />
&bull; <strong>len:</strong> Refers to the total password length.<br />
&bull; Additional bonus scores are given for increased character variety.<br />
&bull; Final score is a cumulative result of all bonuses minus deductions.<br />
&bull; Final score is capped with a minimum of 0 and a maximum of 100.<br />
&bull; Score and Complexity ratings are not conditional on meeting minimum requirements.<br />
</td>
</tr>
<tr>
<th>DISCLAIMER</th>
</tr>
<tr>
<td>
<p>This application is designed to assess the strength of password strings. The instantaneous visual feedback provides the user a means to improve the strength of their passwords, with a hard focus on breaking the typical bad habits of faulty password formulation. Since no official weighting system exists, we created our own formulas to assess the overall strength of a given password. Please note, that this application does not utilize the typical \"days-to-crack\" approach for strength determination. We have found that particular system to be severely lacking and unreliable for real-world scenarios. This application is neither perfect nor foolproof, and should only be utilized as a loose guide in determining methods for improving the password creation process. </p>
</td>
</tr>
</table>
</div>
</div>
";
 
if (is_file("sql/drivers/$config[sql_type]/functions.php"))
include_once("sql/drivers/$config[sql_type]/functions.php");
else{
echo "<b>Could not include SQL library</b><br>\n";
exit();
}
if (isset($action)){
if ($action == 'checkpass'){
$link = @da_sql_pconnect($config);
if ($link){
$res = @da_sql_query($link,$config,
"SELECT attribute,value FROM $config[sql_check_table] WHERE username = '$login'
AND attribute = '$config[sql_password_attribute]';");
if ($res){
$row = @da_sql_fetch_array($res,$config);
if (is_file("crypt/$config[general_encryption_method].php")){
include("crypt/$config[general_encryption_method].php");
$enc_passwd = $row['value'];
$passwd = da_encrypt($passwd,$enc_passwd);
$newpasswd = da_encrypt($newpasswd,$enc_passwd);
$newpasswd2 = da_encrypt($newpasswd2,$enc_passwd);
if (($passwd == $enc_passwd) and ($newpasswd == $newpasswd2)){
$msg = '<font color=blue><b>'.$R_form_result1.'</b></font>';
$res2 = @da_sql_query($link,$config,
"UPDATE $config[sql_check_table] set value='$newpasswd' WHERE username = '$login'
AND attribute = '$config[sql_password_attribute]';");}
else
$msg = '<font color=red><b>'.$R_form_result2.'</b></font>';
}
else
echo "<b>Could not open encryption library file</b><br>\n";
}
}
echo "<span align=center>$msg</span>\n";
}
}
?>
</body>
</html>
Property changes:
Added: svn:keywords
+Id Date Author
\ No newline at end of property
/web/pass/js/pwdmeter.js
0,0 → 1,324
/*
** Created by: Jeff Todnem (http://www.todnem.com/)
** Created on: 2007-08-14
** Last modified: 2010-05-03
**
** License Information:
** -------------------------------------------------------------------------
** Copyright (C) 2007 Jeff Todnem
**
** This program is free software; you can redistribute it and/or modify it
** under the terms of the GNU General Public License as published by the
** Free Software Foundation; either version 2 of the License, or (at your
** option) any later version.
**
** This program is distributed in the hope that it will be useful, but
** WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
** General Public License for more details.
**
** You should have received a copy of the GNU General Public License along
** with this program; if not, write to the Free Software Foundation, Inc.,
** 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
**
*/
 
function addLoadEvent(func) {
var oldonload = window.onload;
if (typeof window.onload != "function") {
window.onload = func;
}
else {
window.onload = function() {
if (oldonload) {
oldonload();
}
func();
};
}
}
 
function $() {
var arrElms = [];
for (var i=0; i < arguments.length; i++) {
var elm = arguments[i];
if (typeof(elm == "string")) { elm = document.getElementById(elm); }
if (arguments.length == 1) { return elm; }
arrElms.push(elm);
}
return arrElms;
}
 
String.prototype.strReverse = function() {
var newstring = "";
for (var s=0; s < this.length; s++) {
newstring = this.charAt(s) + newstring;
}
return newstring;
//strOrig = ' texttotrim ';
//strReversed = strOrig.revstring();
};
 
function chkPass(pwd) {
var oScorebar = $("scorebar");
var oScore = $("score");
var oComplexity = $("complexity");
// Simultaneous variable declaration and value assignment aren't supported in IE apparently
// so I'm forced to assign the same value individually per var to support a crappy browser *sigh*
var nScore=0, nLength=0, nAlphaUC=0, nAlphaLC=0, nNumber=0, nSymbol=0, nMidChar=0, nRequirements=0, nAlphasOnly=0, nNumbersOnly=0, nUnqChar=0, nRepChar=0, nRepInc=0, nConsecAlphaUC=0, nConsecAlphaLC=0, nConsecNumber=0, nConsecSymbol=0, nConsecCharType=0, nSeqAlpha=0, nSeqNumber=0, nSeqSymbol=0, nSeqChar=0, nReqChar=0, nMultConsecCharType=0;
var nMultRepChar=1, nMultConsecSymbol=1;
var nMultMidChar=2, nMultRequirements=2, nMultConsecAlphaUC=2, nMultConsecAlphaLC=2, nMultConsecNumber=2;
var nReqCharType=3, nMultAlphaUC=3, nMultAlphaLC=3, nMultSeqAlpha=3, nMultSeqNumber=3, nMultSeqSymbol=3;
var nMultLength=4, nMultNumber=4;
var nMultSymbol=6;
var nTmpAlphaUC="", nTmpAlphaLC="", nTmpNumber="", nTmpSymbol="";
var sAlphaUC="0", sAlphaLC="0", sNumber="0", sSymbol="0", sMidChar="0", sRequirements="0", sAlphasOnly="0", sNumbersOnly="0", sRepChar="0", sConsecAlphaUC="0", sConsecAlphaLC="0", sConsecNumber="0", sSeqAlpha="0", sSeqNumber="0", sSeqSymbol="0";
var sAlphas = "abcdefghijklmnopqrstuvwxyz";
var sNumerics = "01234567890";
var sSymbols = ")!@#$%^&*()";
var sComplexity = "Trop court";
var sStandards = "Below";
var nMinPwdLen = 8;
if (document.all) { var nd = 0; } else { var nd = 1; }
if (pwd) {
nScore = parseInt(pwd.length * nMultLength);
nLength = pwd.length;
var arrPwd = pwd.replace(/\s+/g,"").split(/\s*/);
var arrPwdLen = arrPwd.length;
/* Loop through password to check for Symbol, Numeric, Lowercase and Uppercase pattern matches */
for (var a=0; a < arrPwdLen; a++) {
if (arrPwd[a].match(/[A-Z]/g)) {
if (nTmpAlphaUC !== "") { if ((nTmpAlphaUC + 1) == a) { nConsecAlphaUC++; nConsecCharType++; } }
nTmpAlphaUC = a;
nAlphaUC++;
}
else if (arrPwd[a].match(/[a-z]/g)) {
if (nTmpAlphaLC !== "") { if ((nTmpAlphaLC + 1) == a) { nConsecAlphaLC++; nConsecCharType++; } }
nTmpAlphaLC = a;
nAlphaLC++;
}
else if (arrPwd[a].match(/[0-9]/g)) {
if (a > 0 && a < (arrPwdLen - 1)) { nMidChar++; }
if (nTmpNumber !== "") { if ((nTmpNumber + 1) == a) { nConsecNumber++; nConsecCharType++; } }
nTmpNumber = a;
nNumber++;
}
else if (arrPwd[a].match(/[^a-zA-Z0-9_]/g)) {
if (a > 0 && a < (arrPwdLen - 1)) { nMidChar++; }
if (nTmpSymbol !== "") { if ((nTmpSymbol + 1) == a) { nConsecSymbol++; nConsecCharType++; } }
nTmpSymbol = a;
nSymbol++;
}
/* Internal loop through password to check for repeat characters */
var bCharExists = false;
for (var b=0; b < arrPwdLen; b++) {
if (arrPwd[a] == arrPwd[b] && a != b) { /* repeat character exists */
bCharExists = true;
/*
Calculate icrement deduction based on proximity to identical characters
Deduction is incremented each time a new match is discovered
Deduction amount is based on total password length divided by the
difference of distance between currently selected match
*/
nRepInc += Math.abs(arrPwdLen/(b-a));
}
}
if (bCharExists) {
nRepChar++;
nUnqChar = arrPwdLen-nRepChar;
nRepInc = (nUnqChar) ? Math.ceil(nRepInc/nUnqChar) : Math.ceil(nRepInc);
}
}
/* Check for sequential alpha string patterns (forward and reverse) */
for (var s=0; s < 23; s++) {
var sFwd = sAlphas.substring(s,parseInt(s+3));
var sRev = sFwd.strReverse();
if (pwd.toLowerCase().indexOf(sFwd) != -1 || pwd.toLowerCase().indexOf(sRev) != -1) { nSeqAlpha++; nSeqChar++;}
}
/* Check for sequential numeric string patterns (forward and reverse) */
for (var s=0; s < 8; s++) {
var sFwd = sNumerics.substring(s,parseInt(s+3));
var sRev = sFwd.strReverse();
if (pwd.toLowerCase().indexOf(sFwd) != -1 || pwd.toLowerCase().indexOf(sRev) != -1) { nSeqNumber++; nSeqChar++;}
}
/* Check for sequential symbol string patterns (forward and reverse) */
for (var s=0; s < 8; s++) {
var sFwd = sSymbols.substring(s,parseInt(s+3));
var sRev = sFwd.strReverse();
if (pwd.toLowerCase().indexOf(sFwd) != -1 || pwd.toLowerCase().indexOf(sRev) != -1) { nSeqSymbol++; nSeqChar++;}
}
/* Modify overall score value based on usage vs requirements */
 
/* General point assignment */
$("nLengthBonus").innerHTML = "+ " + nScore;
if (nAlphaUC > 0 && nAlphaUC < nLength) {
nScore = parseInt(nScore + ((nLength - nAlphaUC) * 2));
sAlphaUC = "+ " + parseInt((nLength - nAlphaUC) * 2);
}
if (nAlphaLC > 0 && nAlphaLC < nLength) {
nScore = parseInt(nScore + ((nLength - nAlphaLC) * 2));
sAlphaLC = "+ " + parseInt((nLength - nAlphaLC) * 2);
}
if (nNumber > 0 && nNumber < nLength) {
nScore = parseInt(nScore + (nNumber * nMultNumber));
sNumber = "+ " + parseInt(nNumber * nMultNumber);
}
if (nSymbol > 0) {
nScore = parseInt(nScore + (nSymbol * nMultSymbol));
sSymbol = "+ " + parseInt(nSymbol * nMultSymbol);
}
if (nMidChar > 0) {
nScore = parseInt(nScore + (nMidChar * nMultMidChar));
sMidChar = "+ " + parseInt(nMidChar * nMultMidChar);
}
$("nAlphaUCBonus").innerHTML = sAlphaUC;
$("nAlphaLCBonus").innerHTML = sAlphaLC;
$("nNumberBonus").innerHTML = sNumber;
$("nSymbolBonus").innerHTML = sSymbol;
$("nMidCharBonus").innerHTML = sMidChar;
/* Point deductions for poor practices */
if ((nAlphaLC > 0 || nAlphaUC > 0) && nSymbol === 0 && nNumber === 0) { // Only Letters
nScore = parseInt(nScore - nLength);
nAlphasOnly = nLength;
sAlphasOnly = "- " + nLength;
}
if (nAlphaLC === 0 && nAlphaUC === 0 && nSymbol === 0 && nNumber > 0) { // Only Numbers
nScore = parseInt(nScore - nLength);
nNumbersOnly = nLength;
sNumbersOnly = "- " + nLength;
}
if (nRepChar > 0) { // Same character exists more than once
nScore = parseInt(nScore - nRepInc);
sRepChar = "- " + nRepInc;
}
if (nConsecAlphaUC > 0) { // Consecutive Uppercase Letters exist
nScore = parseInt(nScore - (nConsecAlphaUC * nMultConsecAlphaUC));
sConsecAlphaUC = "- " + parseInt(nConsecAlphaUC * nMultConsecAlphaUC);
}
if (nConsecAlphaLC > 0) { // Consecutive Lowercase Letters exist
nScore = parseInt(nScore - (nConsecAlphaLC * nMultConsecAlphaLC));
sConsecAlphaLC = "- " + parseInt(nConsecAlphaLC * nMultConsecAlphaLC);
}
if (nConsecNumber > 0) { // Consecutive Numbers exist
nScore = parseInt(nScore - (nConsecNumber * nMultConsecNumber));
sConsecNumber = "- " + parseInt(nConsecNumber * nMultConsecNumber);
}
if (nSeqAlpha > 0) { // Sequential alpha strings exist (3 characters or more)
nScore = parseInt(nScore - (nSeqAlpha * nMultSeqAlpha));
sSeqAlpha = "- " + parseInt(nSeqAlpha * nMultSeqAlpha);
}
if (nSeqNumber > 0) { // Sequential numeric strings exist (3 characters or more)
nScore = parseInt(nScore - (nSeqNumber * nMultSeqNumber));
sSeqNumber = "- " + parseInt(nSeqNumber * nMultSeqNumber);
}
if (nSeqSymbol > 0) { // Sequential symbol strings exist (3 characters or more)
nScore = parseInt(nScore - (nSeqSymbol * nMultSeqSymbol));
sSeqSymbol = "- " + parseInt(nSeqSymbol * nMultSeqSymbol);
}
$("nAlphasOnlyBonus").innerHTML = sAlphasOnly;
$("nNumbersOnlyBonus").innerHTML = sNumbersOnly;
$("nRepCharBonus").innerHTML = sRepChar;
$("nConsecAlphaUCBonus").innerHTML = sConsecAlphaUC;
$("nConsecAlphaLCBonus").innerHTML = sConsecAlphaLC;
$("nConsecNumberBonus").innerHTML = sConsecNumber;
$("nSeqAlphaBonus").innerHTML = sSeqAlpha;
$("nSeqNumberBonus").innerHTML = sSeqNumber;
$("nSeqSymbolBonus").innerHTML = sSeqSymbol;
 
/* Determine if mandatory requirements have been met and set image indicators accordingly */
var arrChars = [nLength,nAlphaUC,nAlphaLC,nNumber,nSymbol];
var arrCharsIds = ["nLength","nAlphaUC","nAlphaLC","nNumber","nSymbol"];
var arrCharsLen = arrChars.length;
for (var c=0; c < arrCharsLen; c++) {
var oImg = $('div_' + arrCharsIds[c]);
var oBonus = $(arrCharsIds[c] + 'Bonus');
$(arrCharsIds[c]).innerHTML = arrChars[c];
if (arrCharsIds[c] == "nLength") { var minVal = parseInt(nMinPwdLen - 1); } else { var minVal = 0; }
if (arrChars[c] == parseInt(minVal + 1)) { nReqChar++; oImg.className = "pass"; oBonus.parentNode.className = "pass"; }
else if (arrChars[c] > parseInt(minVal + 1)) { nReqChar++; oImg.className = "exceed"; oBonus.parentNode.className = "exceed"; }
else { oImg.className = "fail"; oBonus.parentNode.className = "fail"; }
}
nRequirements = nReqChar;
if (pwd.length >= nMinPwdLen) { var nMinReqChars = 3; } else { var nMinReqChars = 4; }
if (nRequirements > nMinReqChars) { // One or more required characters exist
nScore = parseInt(nScore + (nRequirements * 2));
sRequirements = "+ " + parseInt(nRequirements * 2);
}
$("nRequirementsBonus").innerHTML = sRequirements;
 
/* Determine if additional bonuses need to be applied and set image indicators accordingly */
var arrChars = [nMidChar,nRequirements];
var arrCharsIds = ["nMidChar","nRequirements"];
var arrCharsLen = arrChars.length;
for (var c=0; c < arrCharsLen; c++) {
var oImg = $('div_' + arrCharsIds[c]);
var oBonus = $(arrCharsIds[c] + 'Bonus');
$(arrCharsIds[c]).innerHTML = arrChars[c];
if (arrCharsIds[c] == "nRequirements") { var minVal = nMinReqChars; } else { var minVal = 0; }
if (arrChars[c] == parseInt(minVal + 1)) { oImg.className = "pass"; oBonus.parentNode.className = "pass"; }
else if (arrChars[c] > parseInt(minVal + 1)) { oImg.className = "exceed"; oBonus.parentNode.className = "exceed"; }
else { oImg.className = "fail"; oBonus.parentNode.className = "fail"; }
}
 
/* Determine if suggested requirements have been met and set image indicators accordingly */
var arrChars = [nAlphasOnly,nNumbersOnly,nRepChar,nConsecAlphaUC,nConsecAlphaLC,nConsecNumber,nSeqAlpha,nSeqNumber,nSeqSymbol];
var arrCharsIds = ["nAlphasOnly","nNumbersOnly","nRepChar","nConsecAlphaUC","nConsecAlphaLC","nConsecNumber","nSeqAlpha","nSeqNumber","nSeqSymbol"];
var arrCharsLen = arrChars.length;
for (var c=0; c < arrCharsLen; c++) {
var oImg = $('div_' + arrCharsIds[c]);
var oBonus = $(arrCharsIds[c] + 'Bonus');
$(arrCharsIds[c]).innerHTML = arrChars[c];
if (arrChars[c] > 0) { oImg.className = "warn"; oBonus.parentNode.className = "warn"; }
else { oImg.className = "pass"; oBonus.parentNode.className = "pass"; }
}
/* Determine complexity based on overall score */
if (nScore > 100) { nScore = 100; } else if (nScore < 0) { nScore = 0; }
if (nScore >= 0 && nScore < 20) { sComplexity = "Tr&egrave;s Faible"; }
else if (nScore >= 20 && nScore < 40) { sComplexity = "Faible"; }
else if (nScore >= 40 && nScore < 60) { sComplexity = "Moyen"; }
else if (nScore >= 60 && nScore < 80) { sComplexity = "Bon"; }
else if (nScore >= 80 && nScore <= 100) { sComplexity = "Tr&egrave;s bon"; }
/* Display updated score criteria to client */
oScorebar.style.backgroundPosition = "-" + parseInt(nScore * 4) + "px";
oScore.innerHTML = nScore + "%";
oComplexity.innerHTML = sComplexity;
}
else {
/* Display default score criteria to client */
initPwdChk();
oScore.innerHTML = nScore + "%";
oComplexity.innerHTML = sComplexity;
}
}
 
function initPwdChk(restart) {
/* Reset all form values to their default */
var arrZeros = ["nLength","nAlphaUC","nAlphaLC","nNumber","nSymbol","nMidChar","nRequirements","nAlphasOnly","nNumbersOnly","nRepChar","nConsecAlphaUC","nConsecAlphaLC","nConsecNumber","nSeqAlpha","nSeqNumber","nSeqSymbol","nLengthBonus","nAlphaUCBonus","nAlphaLCBonus","nNumberBonus","nSymbolBonus","nMidCharBonus","nRequirementsBonus","nAlphasOnlyBonus","nNumbersOnlyBonus","nRepCharBonus","nConsecAlphaUCBonus","nConsecAlphaLCBonus","nConsecNumberBonus","nSeqAlphaBonus","nSeqNumberBonus","nSeqSymbolBonus"];
var arrPassPars = ["nAlphasOnlyBonus","nNumbersOnlyBonus","nRepCharBonus","nConsecAlphaUCBonus","nConsecAlphaLCBonus","nConsecNumberBonus","nSeqAlphaBonus","nSeqNumberBonus","nSeqSymbolBonus"];
var arrPassDivs = ["div_nAlphasOnly","div_nNumbersOnly","div_nRepChar","div_nConsecAlphaUC","div_nConsecAlphaLC","div_nConsecNumber","div_nSeqAlpha","div_nSeqNumber","div_nSeqSymbol"];
var arrFailPars = ["nLengthBonus","nAlphaUCBonus","nAlphaLCBonus","nNumberBonus","nSymbolBonus","nMidCharBonus","nRequirementsBonus"];
var arrFailDivs = ["div_nLength","div_nAlphaUC","div_nAlphaLC","div_nNumber","div_nSymbol","div_nMidChar","div_nRequirements"];
for (var i in arrZeros) { $(arrZeros[i]).innerHTML = "0"; }
for (var i in arrPassPars) { $(arrPassPars[i]).parentNode.className = "pass"; }
for (var i in arrPassDivs) { $(arrPassDivs[i]).className = "pass"; }
for (var i in arrFailPars) { $(arrFailPars[i]).parentNode.className = "fail"; }
for (var i in arrFailDivs) { $(arrFailDivs[i]).className = "fail"; }
$("passwordPwd").value = "";
$("passwordTxt").value = "";
$("scorebar").style.backgroundPosition = "0";
if (restart) {
$("passwordPwd").className = "";
$("passwordTxt").className = "hide";
}
}
 
addLoadEvent(function() { initPwdChk(1); });
 
Property changes:
Added: svn:executable
+*
\ No newline at end of property