
@iomarmochtar
Created May 17, 2017 01:55
ClearOS custom password policy
<?php
/**
* Custom password policy validator for ClearOS (6)
*
* @author Imam Omar Mochtar <iomarmochtar@gmail.com>
*/
namespace clearos\apps\users;
require_once('custom_password_policy.php');
// omarov:
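class Custom_Password_Validator {

    /**
     * Reject a password that contains the account's username.
     *
     * The comparison is a case-insensitive substring search. The username is
     * treated as literal text, never as a regular expression: a name holding
     * "/", "." or other pattern characters would otherwise break or change
     * the match and let the check pass silently.
     *
     * @param string $usrn   username of the account
     * @param string $passwd candidate password
     *
     * @return string|bool error message when the username is found, FALSE otherwise
     **/
    public static function check_usrn_passwd($usrn, $passwd){
        $err_msg = "Password cannot contain username !!!";
        // Cast both sides: before PHP 8 a non-string needle is read as a
        // character code by stripos().
        if ($usrn && $passwd && stripos((string) $passwd, (string) $usrn) !== FALSE)
            return $err_msg;
        return FALSE;
    }

    /**
     * Validate a password against the custom policy.
     *
     * Runs the weak-list and character-class checks first, then the
     * username check when a username is supplied.
     *
     * @param string      $pass     candidate password; a falsy value is not validated
     * @param string|null $username account name, optional
     *
     * @return string|null error message of the first failed rule, NULL when nothing failed
     **/
    public static function validate($pass, $username=null){
        if (!$pass)
            return null;

        $obj = new self();
        $is_err = $obj->checkPasswdPolicy($pass);
        if ($is_err)
            return "$is_err";

        if ($username) {
            $err_same = self::check_usrn_passwd($username, $pass);
            if ($err_same)
                return $err_same;
        }

        return null;
    }

    /**
     * Get the list of custom policies.
     *
     * Each entry carries a display name, the configured threshold taken from
     * a POLICY_* constant (not defined in this class) and a score that
     * checkPasswdPolicy() fills in.
     *
     * @return array
     **/
    private function getPasswdPolicies(){
        return array(
            "min_char"=> array(
                "name" => "Mininum Length",
                "value" => POLICY_MIN_LENGTH,
                "score"=>0
            ),
            "max_char"=> array(
                "name" => "Maximum Length",
                "value" => POLICY_MAX_LENGTH,
                "score"=>0
            ),
            "min_upper"=> array(
                "name" => "Mininum Uppercase",
                "value" => POLICY_MIN_UPPERCASE,
                "score"=>0
            ),
            "min_num"=> array(
                "name" => "Mininum Numeric",
                "value" => POLICY_MIN_NUMERIC,
                "score"=>0
            ),
            "min_punch"=>array(
                "name" => "Mininum Punctuation",
                "value" => POLICY_MIN_PUNCTUATION,
                "score"=>0
            ),
        );
    }

    /**
     * Check a password against the weak-password list and the character policy.
     *
     * - Cannot be an entry of the weak password list
     * - Must satisfy the length, uppercase, numeric and punctuation thresholds
     *
     * The username rule is applied by validate(), not here.
     *
     * @param string $passwd candidate password
     *
     * @return string|null error message of the first failed rule, NULL when all pass
     **/
    private function checkPasswdPolicy($passwd){
        // The list file is resolved relative to the include path; it is
        // expected to return an array of weak passwords.
        $weak_list = require('custom_weak_passwd_list.php');
        // Compare as strings, strictly: loose comparison treats numeric-looking
        // strings such as "1e3" and "1000" as equal, and an integer entry in
        // the list would otherwise never match (or match everything).
        if (in_array((string) $passwd, array_map('strval', $weak_list), true))
            return "Your new password is listed as weak password !!!";

        // defined policy begin
        $policy = $this->getPasswdPolicies();
        // Length is counted in bytes, so a multi-byte character counts more than once.
        $pass_len = strlen($passwd);
        $punch_list = str_split('!"#$%&\'()*+,-./:;<=>?@[\\]^_`{|}~');
        $policy['min_char']['score'] = $pass_len;
        $policy['max_char']['score'] = $pass_len;

        // Score every byte of the password against the character classes.
        foreach( str_split($passwd) as $letter ){
            if (is_numeric($letter))
                $policy['min_num']['score'] += 1;
            if (preg_match('/[A-Z]/', $letter))
                $policy['min_upper']['score'] += 1;
            if (in_array($letter, $punch_list, true))
                $policy['min_punch']['score'] += 1;
        }

        // check the result
        foreach( $policy as $name => $pdata ){
            if ($name === 'max_char'){
                // A falsy maximum disables the upper bound.
                $iserr = $pdata['value'] && $pdata['score'] > $pdata['value'];
            } else {
                $iserr = $pdata['score'] < $pdata['value'];
            }
            if ($iserr){
                $text = "Password Policy Missmatch: ".$pdata['name']." (".$pdata['value'].")";
                return $text;
            }
        }
        return null;
    }
}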