From c18899dd1bc5eefb3d863281361e8d4d13f86372 Mon Sep 17 00:00:00 2001
From: Herb v/d Dool
Date: Wed, 18 Jan 2023 12:26:16 -0500
Subject: [PATCH] (dev/backdrop#77) Fix fatal error with password validation
---
 CRM/Core/BAO/CMSUser.php | 6 +++++
 CRM/Utils/System/Backdrop.php | 45 ++++++++++++++++++++++++++++++++++-
 CRM/Utils/System/Base.php | 11 +++++++++
 3 files changed, 61 insertions(+), 1 deletion(-)
diff --git a/CRM/Core/BAO/CMSUser.php b/CRM/Core/BAO/CMSUser.php
index c12773d926..c53d1e7999 100644
--- a/CRM/Core/BAO/CMSUser.php
+++ b/CRM/Core/BAO/CMSUser.php
@@ -198,10 +198,16 @@ class CRM_Core_BAO_CMSUser {
 $params = [
 'name' => $fields['cms_name'],
 'mail' => $fields[$emailName],
+ 'pass' => $fields['cms_pass'],
 ];
 }
 $config->userSystem->checkUserNameEmailExists($params, $errors, $emailName);
+
+ // Verify the password.
+ if ($config->userSystem->isPasswordUserGenerated()) {
+ $config->userSystem->verifyPassword($params, $errors);
+ }
 }
 return (!empty($errors)) ? $errors : TRUE;
 }
diff --git a/CRM/Utils/System/Backdrop.php b/CRM/Utils/System/Backdrop.php
index 8dbf872783..89259e825a 100644
--- a/CRM/Utils/System/Backdrop.php
+++ b/CRM/Utils/System/Backdrop.php
@@ -33,8 +33,13 @@ class CRM_Utils_System_Backdrop extends CRM_Utils_System_DrupalBase {
 ];
 $admin = user_access('administer users');
+ $user_register_conf = config_get('system.core', 'user_register');
+ if (!$admin && $user_register_conf == 'admin_only') {
+ return FALSE;
+ }
+
 if (!config_get('system.core', 'user_email_verification') || $admin) {
- $form_state['input']['pass'] = ['pass1' => $params['cms_pass'], 'pass2' => $params['cms_pass']];
+ $form_state['input']['pass'] = $params['cms_pass'];
 }
 if (!empty($params['notify'])) {
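Review bot: In the CMSUser.php hunk, `'pass' => $fields['cms_pass']` is read unconditionally, while the check that uses it runs only when `isPasswordUserGenerated()` is true. If the form omits the password field when the CMS generates the password (not visible in this hunk), the read raises an undefined-index warning on PHP 8; `'pass' => $fields['cms_pass'] ?? NULL,` keeps the array shape without it. The `$params` assignment also sits inside a conditional that opens above the hunk, so it is worth confirming there that `verifyPassword()` can never be reached with a `$params` that lacks `name`, `mail` and `pass`.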
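Review bot: In the first Backdrop.php hunk, the new admin-only guard returns `FALSE` without a log entry or a message for the caller, so a refused registration looks the same as any other failure of this method (its signature and remaining return paths are outside the hunk). A why-comment such as `// Backdrop restricts registration to administrators; refuse to create the account for anyone else.` would mark this as an authorization decision rather than an error path. The comparison is also safer written strictly: `if (!$admin && $user_register_conf === 'admin_only') {`.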
@@ -419,6 +424,44 @@ AND u.status = 1
 return TRUE;
 }
+ /**
+ * @inheritdoc
+ */
+ public function verifyPassword($params, &$errors) {
+ $errors = form_get_errors();
+ if ($errors) {
+ // unset Backdrop messages to avoid twice display of errors
+ unset($_SESSION['messages']);
+ }
+
+ $password = trim($params['pass']);
+ $username = $params['name'];
+ $email = $params['mail'];
+
+ module_load_include('password.inc', 'user', 'user');
+ $reject_weak = user_password_reject_weak($username);
+ if (!$reject_weak) {
+ return;
+ }
+
+ $strength = _user_password_evaluate_strength($password, $username, $email);
+
+ if ($strength < config('system.core')->get('user_password_strength_threshold')) {
+ $password_errors[] = ts('The password is too weak. Please consider making your password longer or more complex: that it contains a number of lower- and uppercase letters, digits and punctuation.');
+ }
+
+ if (backdrop_strtolower($password) == backdrop_strtolower($username)) {
+ $password_errors[] = ts('The password cannot be the same as the username.');
+ }
+ if (backdrop_strtolower($password) == backdrop_strtolower($email)) {
+ $password_errors[] = ts('The password cannot be the same as the email.');
+ }
+
+ if (!empty($password_errors)) {
+ $errors['cms_pass'] = ts('Weak passwords are rejected. Please note the following issues: %1', [1 => implode(' ', $password_errors)]);
+ }
+ }
+
 /**
 * @inheritDoc
 */
diff --git a/CRM/Utils/System/Base.php b/CRM/Utils/System/Base.php
index 9b435b22d8..7a8ad78d44 100644
--- a/CRM/Utils/System/Base.php
+++ b/CRM/Utils/System/Base.php
@@ -458,6 +458,17 @@ abstract class CRM_Utils_System_Base {
 return FALSE;
 }
+ /**
+ * Verify password
+ *
+ * @param array $params
+ * Array of name, mail and password values.
+ * @param array $errors
+ * Array of errors.
+ */
+ public function verifyPassword($params, &$errors) {
+ }
+
 /**
 * Is a front end page being accessed.
 *
-- 2.25.1
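Review bot: `verifyPassword()` opens with `$errors = form_get_errors();`, which overwrites the by-reference array the caller has already filled; in CMSUser.php it runs straight after `checkUserNameEmailExists($params, $errors, $emailName)`. Any name or e-mail error held only in `$errors` is then lost, and if `form_get_errors()` returns nothing and the password passes, the caller's `!empty($errors)` test reports the form as valid. Merging keeps both sources: `$formErrors = form_get_errors() ?: [];` then `$errors = (array) $errors + $formErrors;`, with the `if` testing `$formErrors`. Separately, `$password_errors` is never initialised (`$password_errors = [];` before the strength check) and the two `backdrop_strtolower()` comparisons would be clearer with `===`. The strength score is computed on `trim($params['pass'])`, so it is worth confirming that the stored password is trimmed the same way.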
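Review bot: The base `verifyPassword()` has an empty body, so any CMS class that does not override it accepts every password at this step, even though CMSUser.php calls it whenever `isPasswordUserGenerated()` is true. The docblock summary "Verify password" hides that. It should state that the default performs no check, that overrides report problems by adding entries to `$errors` (the Backdrop override uses the `cms_pass` key), and that nothing is returned, for example `Default implementation performs no strength check; CMS classes override this and add messages to $errors.`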