dolibarr  16.0.5
modGeneratePassPerso.class.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2006-2011 Laurent Destailleur <eldy@users.sourceforge.net>
3  * Copyright (C) 2014 Teddy Andreotti <125155@supinfo.com>
4  * Copyright (C) 2017 Regis Houssin <regis.houssin@inodbox.com>
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program. If not, see <https://www.gnu.org/licenses/>.
18  * or see https://www.gnu.org/
19  */
20 
27 require_once DOL_DOCUMENT_ROOT.'/core/modules/security/generate/modules_genpassword.php';
28 
29 
33 class modGeneratePassPerso extends ModeleGenPassword
34 {
38  public $id;
39 
45  public $length;
46 
52  public $length2;
53 
54  public $NbMaj;
55  public $NbNum;
56  public $NbSpe;
57  public $NbRepeat;
58 
64  public $WithoutAmbi = 0;
65 
69  public $db;
70 
71  public $conf;
72  public $lang;
73  public $user;
74 
75  public $Maj;
76  public $Min;
77  public $Nb;
78  public $Spe;
79  public $Ambi;
80  public $All;
81 
90  public function __construct($db, $conf, $langs, $user)
91  {
92  $this->id = "Perso";
93  $this->length = $langs->trans("SetupPerso");
94 
95  $this->db = $db;
96  $this->conf = $conf;
97  $this->langs = $langs;
98  $this->user = $user;
99 
100  if (empty($conf->global->USER_PASSWORD_PATTERN)) {
101  // default value at auto generation (12 chars, 1 upercase, 1 digit, 1 special char, 3 repeat, exclude ambiguous characters).
102  dolibarr_set_const($db, "USER_PASSWORD_PATTERN", '12;1;1;1;3;1', 'chaine', 0, '', $conf->entity);
103  }
104 
105  $this->Maj = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
106  $this->Min = strtolower($this->Maj);
107  $this->Nb = "0123456789";
108  $this->Spe = "!@#$%&*()_-+={}[]\\|:;'/";
109  $this->Ambi = array("1", "I", "l", "|", "O", "0");
110 
111  $tabConf = explode(";", $conf->global->USER_PASSWORD_PATTERN);
112  $this->length2 = $tabConf[0];
113  $this->NbMaj = $tabConf[1];
114  $this->NbNum = $tabConf[2];
115  $this->NbSpe = $tabConf[3];
116  $this->NbRepeat = $tabConf[4];
117  $this->WithoutAmbi = $tabConf[5];
118  }
119 
125  private function initAll()
126  {
127  if ($this->WithoutAmbi) {
128  $this->Maj = str_replace($this->Ambi, "", $this->Maj);
129  $this->Min = str_replace($this->Ambi, "", $this->Min);
130  $this->Nb = str_replace($this->Ambi, "", $this->Nb);
131  $this->Spe = str_replace($this->Ambi, "", $this->Spe);
132  }
133 
134  $pattern = $this->Min.(!empty($this->NbMaj) ? $this->Maj : '').(!empty($this->NbNum) ? $this->Nb : '').(!empty($this->NbSpe) ? $this->Spe : '');
135  $this->All = str_shuffle($pattern);
136  }
137 
143  public function getDescription()
144  {
145  global $langs;
146  return $langs->trans("PasswordGenerationPerso");
147  }
148 
154  public function getExample()
155  {
156  return $this->getNewGeneratedPassword();
157  }
158 
164  public function getNewGeneratedPassword()
165  {
166  $this->initAll();
167 
168  $pass = "";
169  for ($i = 0; $i < $this->NbMaj; $i++) {
170  // Y
171  $pass .= $this->Maj[mt_rand(0, strlen($this->Maj) - 1)];
172  }
173 
174  for ($i = 0; $i < $this->NbNum; $i++) {
175  // X
176  $pass .= $this->Nb[mt_rand(0, strlen($this->Nb) - 1)];
177  }
178 
179  for ($i = 0; $i < $this->NbSpe; $i++) {
180  // @
181  $pass .= $this->Spe[mt_rand(0, strlen($this->Spe) - 1)];
182  }
183 
184  for ($i = strlen($pass); $i < $this->length2; $i++) {
185  // y
186  $pass .= $this->All[mt_rand(0, strlen($this->All) - 1)];
187  }
188 
189  $pass = str_shuffle($pass);
190 
191  if ($this->validatePassword($pass)) {
192  return $pass;
193  }
194 
195  return $this->getNewGeneratedPassword(); // warning, may generate infinite loop if conditions are not possible
196  }
197 
205  public function validatePassword($password)
206  {
207  global $langs;
208 
209  $this->initAll(); // For the case this method is called alone
210 
211  $password_a = preg_split('//u', $password, null, PREG_SPLIT_NO_EMPTY);
212  $maj = preg_split('//u', $this->Maj, null, PREG_SPLIT_NO_EMPTY);
213  $num = preg_split('//u', $this->Nb, null, PREG_SPLIT_NO_EMPTY);;
214  $spe = preg_split('//u', $this->Spe, null, PREG_SPLIT_NO_EMPTY);
215  /*
216  $password_a = str_split($password);
217  $maj = str_split($this->Maj);
218  $num = str_split($this->Nb);
219  $spe = str_split($this->Spe);
220  */
221 
222  if (dol_strlen($password) < $this->length2) {
223  $langs->load("other");
224  $this->error = $langs->trans("YourPasswordMustHaveAtLeastXChars", $this->length2);
225  return 0;
226  }
227 
228  if (count(array_intersect($password_a, $maj)) < $this->NbMaj) {
229  $langs->load("other");
230  $this->error = $langs->trans('PasswordNeedAtLeastXUpperCaseChars', $this->NbMaj);
231  return 0;
232  }
233 
234  if (count(array_intersect($password_a, $num)) < $this->NbNum) {
235  $langs->load("other");
236  $this->error = $langs->trans('PasswordNeedAtLeastXDigitChars', $this->NbNum);
237  return 0;
238  }
239 
240  if (count(array_intersect($password_a, $spe)) < $this->NbSpe) {
241  $langs->load("other");
242  $this->error = $langs->trans('PasswordNeedAtLeastXSpecialChars', $this->NbSpe);
243  return 0;
244  }
245 
246  if (!$this->consecutiveIterationSameCharacter($password)) {
247  $langs->load("other");
248  $this->error = $langs->trans('PasswordNeedNoXConsecutiveChars', $this->NbRepeat);
249  return 0;
250  }
251 
252  return 1;
253  }
254 
261  public function consecutiveIterationSameCharacter($password)
262  {
263  $this->initAll();
264 
265  if (empty($this->NbRepeat)) {
266  return true;
267  }
268 
269  $char = preg_split('//u', $password, null, PREG_SPLIT_NO_EMPTY);
270 
271  $last = "";
272  $count = 0;
273  foreach ($char as $c) {
274  if ($c != $last) {
275  $last = $c;
276  $count = 1;
277  //print "Char $c - count = $count\n";
278  continue;
279  }
280 
281  $count++;
282  //print "Char $c - count = $count\n";
283 
284  if ($count > $this->NbRepeat) {
285  return false;
286  }
287  }
288 
289  return true;
290  }
291 }
db
$conf db
API class for accounts.
Definition: inc.php:41
modGeneratePassPerso\initAll
initAll()
Init the property ->All and clean ->Maj, ->Min, ->Nb and ->Spe with list of valid chars.
Definition: modGeneratePassPerso.class.php:125
modGeneratePassPerso\getExample
getExample()
Return an example of password generated by this module.
Definition: modGeneratePassPerso.class.php:154
modGeneratePassPerso\__construct
__construct($db, $conf, $langs, $user)
Constructor.
Definition: modGeneratePassPerso.class.php:90
modGeneratePassPerso
Class to generate a password according to personal rules.
Definition: modGeneratePassPerso.class.php:33
modGeneratePassPerso\consecutiveIterationSameCharacter
consecutiveIterationSameCharacter($password)
Check the consecutive iterations of the same character.
Definition: modGeneratePassPerso.class.php:261
modGeneratePassPerso\getNewGeneratedPassword
getNewGeneratedPassword()
Build new password.
Definition: modGeneratePassPerso.class.php:164
modGeneratePassPerso\getDescription
getDescription()
Return description of module.
Definition: modGeneratePassPerso.class.php:143
conf
conf($dolibarr_main_document_root)
Load conf file (file must exists)
Definition: inc.php:300
dol_strlen
dol_strlen($string, $stringencoding='UTF-8')
Make a strlen call.
Definition: functions.lib.php:3747
dolibarr_set_const
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
Definition: admin.lib.php:627
ModeleGenPassword
Parent class for password rules/management modules.
Definition: modules_genpassword.php:30
modGeneratePassPerso\validatePassword
validatePassword($password)
Validate a password.
Definition: modGeneratePassPerso.class.php:205
user
$conf db user
Definition: repair.php:123
Generated on Sun Feb 4 2024 01:01:15 for dolibarr by Doxygen 1.8.17