dolibarr 24.0.0-beta
modGeneratePassPerso.class.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2006-2011 Laurent Destailleur <eldy@users.sourceforge.net>
3 * Copyright (C) 2014 Teddy Andreotti <125155@supinfo.com>
4 * Copyright (C) 2017 Regis Houssin <regis.houssin@inodbox.com>
5 * Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
6 * Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <https://www.gnu.org/licenses/>.
20 * or see https://www.gnu.org/
21 */
22
29require_once DOL_DOCUMENT_ROOT.'/core/modules/security/generate/modules_genpassword.php';
30
31
35class modGeneratePassPerso extends ModeleGenPassword
36{
40 public $id;
41
42 public $picto = 'fa-shield-alt';
43
47 public $NbMaj;
51 public $NbNum;
55 public $NbSpe;
59 public $NbRepeat;
60
66 public $WithoutAmbi = 0;
67
71 public $Maj;
75 public $Min;
79 public $Nb;
83 public $Spe;
87 public $Ambi;
91 public $All;
92
101 public function __construct($db, $conf, $langs, $user)
102 {
103 $this->id = "Perso";
104 $this->length = $langs->trans("SetupPerso");
105
106 $this->db = $db;
107 $this->conf = $conf;
108 $this->langs = $langs;
109 $this->user = $user;
110
111 if (!getDolGlobalString('USER_PASSWORD_PATTERN')) {
112 // default value at auto generation (12 chars, 1 uppercase, 1 digit, 0 special char, 3 repeat max, exclude ambiguous characters).
113 dolibarr_set_const($db, "USER_PASSWORD_PATTERN", '12;1;1;0;3;1', 'chaine', 0, '', $conf->entity);
114 }
115
116 $this->Maj = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
117 $this->Min = strtolower($this->Maj);
118 $this->Nb = "0123456789";
119 $this->Spe = "!@#$%&*()_-+={}[]\\|:;'/";
120 $this->Ambi = array("1", "I", "l", "|", "O", "0");
121
122 $tabConf = explode(";", getDolGlobalString('USER_PASSWORD_PATTERN'));
123 $this->length2 = (int) $tabConf[0];
124 $this->NbMaj = $tabConf[1];
125 $this->NbNum = $tabConf[2];
126 $this->NbSpe = $tabConf[3];
127 $this->NbRepeat = $tabConf[4];
128 $this->WithoutAmbi = (int) $tabConf[5];
129 }
130
136 private function initAll()
137 {
138 if ($this->WithoutAmbi) {
139 $this->Maj = str_replace($this->Ambi, "", $this->Maj);
140 $this->Min = str_replace($this->Ambi, "", $this->Min);
141 $this->Nb = str_replace($this->Ambi, "", $this->Nb);
142 $this->Spe = str_replace($this->Ambi, "", $this->Spe);
143 }
144
145 $pattern = $this->Min.(!empty($this->NbMaj) ? $this->Maj : '').(!empty($this->NbNum) ? $this->Nb : '').(!empty($this->NbSpe) ? $this->Spe : '');
146
147 // Use the Fisher-Yate to shake (this replace str_shuffle)
148 $passwordArray = str_split($pattern);
149 for ($i = count($passwordArray) - 1; $i > 0; $i--) {
150 $j = random_int(0, $i);
151 $tmp = $passwordArray[$i];
152 $passwordArray[$i] = $passwordArray[$j];
153 $passwordArray[$j] = $tmp;
154 }
155 $this->All = implode('', $passwordArray);
156 }
157
163 public function getDescription()
164 {
165 global $langs;
166 return $langs->trans("PasswordGenerationPerso");
167 }
168
174 public function getExample()
175 {
176 return $this->getNewGeneratedPassword();
177 }
178
186 public function getNewGeneratedPassword()
187 {
188 $this->initAll();
189
190 $pass = "";
191 for ($i = 0; $i < $this->NbMaj; $i++) {
192 // Y
193 $pass .= $this->Maj[mt_rand(0, strlen($this->Maj) - 1)];
194 }
195
196 for ($i = 0; $i < $this->NbNum; $i++) {
197 // X
198 $pass .= $this->Nb[mt_rand(0, strlen($this->Nb) - 1)];
199 }
200
201 for ($i = 0; $i < $this->NbSpe; $i++) {
202 // @
203 $pass .= $this->Spe[mt_rand(0, strlen($this->Spe) - 1)];
204 }
205
206 for ($i = strlen($pass); $i < $this->length2; $i++) {
207 // y
208 $pass .= $this->All[mt_rand(0, strlen($this->All) - 1)];
209 }
210
211 // Use the Fisher-Yate to shake (this replace str_shuffle)
212 $passwordArray = str_split($pass);
213 for ($i = count($passwordArray) - 1; $i > 0; $i--) {
214 $j = random_int(0, $i);
215 $tmp = $passwordArray[$i];
216 $passwordArray[$i] = $passwordArray[$j];
217 $passwordArray[$j] = $tmp;
218 }
219 $pass = implode('', $passwordArray);
220
221 // Check that generation was ok
222 if ($this->validatePassword($pass)) {
223 return $pass;
224 }
225
226 return $this->getNewGeneratedPassword(); // warning, may generate infinite loop if conditions are not possible
227 }
228
236 public function validatePassword($password)
237 {
238 global $langs;
239
240 $this->initAll(); // For the case this method is called alone
241
242 dol_syslog("modGeneratePassPerso::validatePassword");
243
244 $password_a = preg_split('//u', $password, 0, PREG_SPLIT_NO_EMPTY);
245 $maj = preg_split('//u', $this->Maj, 0, PREG_SPLIT_NO_EMPTY);
246 $num = preg_split('//u', $this->Nb, 0, PREG_SPLIT_NO_EMPTY);
247 $spe = preg_split('//u', $this->Spe, 0, PREG_SPLIT_NO_EMPTY);
248 /*
249 $password_a = str_split($password);
250 $maj = str_split($this->Maj);
251 $num = str_split($this->Nb);
252 $spe = str_split($this->Spe);
253 */
254
255 if (dol_strlen($password) < $this->length2) {
256 $langs->load("other");
257 $this->error = $langs->trans("YourPasswordMustHaveAtLeastXChars", $this->length2);
258 return 0;
259 }
260
261 if (count(array_intersect($password_a, $maj)) < $this->NbMaj) {
262 $langs->load("other");
263 $this->error = $langs->trans('PasswordNeedAtLeastXUpperCaseChars', $this->NbMaj);
264 return 0;
265 }
266
267 if (count(array_intersect($password_a, $num)) < $this->NbNum) {
268 $langs->load("other");
269 $this->error = $langs->trans('PasswordNeedAtLeastXDigitChars', $this->NbNum);
270 return 0;
271 }
272
273 if (count(array_intersect($password_a, $spe)) < $this->NbSpe) {
274 $langs->load("other");
275 $this->error = $langs->trans('PasswordNeedAtLeastXSpecialChars', $this->NbSpe);
276 return 0;
277 }
278
279 if (!$this->consecutiveIterationSameCharacter($password)) {
280 $langs->load("other");
281 $this->error = $langs->trans('PasswordNeedNoXConsecutiveChars', $this->NbRepeat);
282 return 0;
283 }
284
285 return 1;
286 }
287
294 public function consecutiveIterationSameCharacter($password)
295 {
296 $this->initAll();
297
298 if (empty($this->NbRepeat)) {
299 return true;
300 }
301
302 $char = preg_split('//u', $password, 0, PREG_SPLIT_NO_EMPTY);
303
304 $last = "";
305 $count = 0;
306 foreach ($char as $c) {
307 if ($c != $last) {
308 $last = $c;
309 $count = 1;
310 //print "Char $c - count = $count\n";
311 continue;
312 }
313
314 $count++;
315 //print "Char $c - count = $count\n";
316
317 if ($count > $this->NbRepeat) {
318 return false;
319 }
320 }
321
322 return true;
323 }
324}
dolibarr_set_const
dolibarr_set_const($db, $name, $value, $type='chaine', $visible=0, $note='', $entity=1)
Insert a parameter (key,value) into database (delete old key then insert it again).
Definition admin.lib.php:672
$c
$c
Definition line.php:334
ModeleGenPassword
Parent class for password rules/management modules.
Definition modules_genpassword.php:33
modGeneratePassPerso
Class to generate a password according to personal rules.
Definition modGeneratePassPerso.class.php:36
modGeneratePassPerso\validatePassword
validatePassword($password)
Validate a password.
Definition modGeneratePassPerso.class.php:236
modGeneratePassPerso\consecutiveIterationSameCharacter
consecutiveIterationSameCharacter($password)
Check the consecutive iterations of the same character.
Definition modGeneratePassPerso.class.php:294
modGeneratePassPerso\__construct
__construct($db, $conf, $langs, $user)
Constructor.
Definition modGeneratePassPerso.class.php:101
modGeneratePassPerso\getExample
getExample()
Return an example of password generated by this module.
Definition modGeneratePassPerso.class.php:174
modGeneratePassPerso\initAll
initAll()
Init the property ->All and clean ->Maj, ->Min, ->Nb and ->Spe with list of valid chars.
Definition modGeneratePassPerso.class.php:136
modGeneratePassPerso\getNewGeneratedPassword
getNewGeneratedPassword()
Build new password.
Definition modGeneratePassPerso.class.php:186
modGeneratePassPerso\getDescription
getDescription()
Return description of module.
Definition modGeneratePassPerso.class.php:163
dol_strlen
dol_strlen($string, $stringencoding='UTF-8')
Make a strlen call.
Definition functions.lib.php:5467
getDolGlobalString
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
Definition functions.lib.php:286
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition functions.lib.php:2754
conf
conf($dolibarr_main_document_root)
Load conf file (file must exists)
Definition inc.php:426
user
$conf db user
Active Directory does not allow anonymous connections.
Definition repair.php:134
Generated on Mon Jun 22 2026 21:04:42 for dolibarr by Doxygen 1.11.0