Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/engine/PhabricatorAuthPasswordEngine.php
Show First 20 Lines • Show All 175 Lines • ▼ Show 20 Lines | foreach ($terms_map as $term => $source) { | ||||
$normal_map[$term] = $source; | $normal_map[$term] = $source; | ||||
} | } | ||||
// Finally, make sure that none of the terms appear in the password, | // Finally, make sure that none of the terms appear in the password, | ||||
// and that the password does not appear in any of the terms. | // and that the password does not appear in any of the terms. | ||||
$normal_password = phutil_utf8_strtolower($raw_password); | $normal_password = phutil_utf8_strtolower($raw_password); | ||||
if (strlen($normal_password) >= $minimum_similarity) { | if (strlen($normal_password) >= $minimum_similarity) { | ||||
foreach ($normal_map as $term => $source) { | foreach ($normal_map as $term => $source) { | ||||
// See T2312. This may be required if the term list includes numeric | |||||
// strings like "12345", which will be cast to integers when used as | |||||
// array keys. | |||||
$term = phutil_string_cast($term); | |||||
if (strpos($term, $normal_password) === false && | if (strpos($term, $normal_password) === false && | ||||
strpos($normal_password, $term) === false) { | strpos($normal_password, $term) === false) { | ||||
continue; | continue; | ||||
} | } | ||||
throw new PhabricatorAuthPasswordException( | throw new PhabricatorAuthPasswordException( | ||||
pht( | pht( | ||||
'The password you entered is very similar to a nonsecret account '. | 'The password you entered is very similar to a nonsecret account '. | ||||
▲ Show 20 Lines • Show All 195 Lines • Show Last 20 Lines |