Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/engine/PhabricatorAuthPasswordEngine.php
| Show First 20 Lines • Show All 175 Lines • ▼ Show 20 Lines | foreach ($terms_map as $term => $source) { | ||||
| $normal_map[$term] = $source; | $normal_map[$term] = $source; | ||||
| } | } | ||||
| // Finally, make sure that none of the terms appear in the password, | // Finally, make sure that none of the terms appear in the password, | ||||
| // and that the password does not appear in any of the terms. | // and that the password does not appear in any of the terms. | ||||
| $normal_password = phutil_utf8_strtolower($raw_password); | $normal_password = phutil_utf8_strtolower($raw_password); | ||||
| if (strlen($normal_password) >= $minimum_similarity) { | if (strlen($normal_password) >= $minimum_similarity) { | ||||
| foreach ($normal_map as $term => $source) { | foreach ($normal_map as $term => $source) { | ||||
| // See T2312. This may be required if the term list includes numeric | |||||
| // strings like "12345", which will be cast to integers when used as | |||||
| // array keys. | |||||
| $term = phutil_string_cast($term); | |||||
| if (strpos($term, $normal_password) === false && | if (strpos($term, $normal_password) === false && | ||||
| strpos($normal_password, $term) === false) { | strpos($normal_password, $term) === false) { | ||||
| continue; | continue; | ||||
| } | } | ||||
| throw new PhabricatorAuthPasswordException( | throw new PhabricatorAuthPasswordException( | ||||
| pht( | pht( | ||||
| 'The password you entered is very similar to a nonsecret account '. | 'The password you entered is very similar to a nonsecret account '. | ||||
| ▲ Show 20 Lines • Show All 195 Lines • Show Last 20 Lines | |||||