From 1347a300509b2ab3083bb88193987c18b33187ad Mon Sep 17 00:00:00 2001
From: Tim Almdal <tnalmdal@shaw.ca>
Date: Tue, 27 Oct 2009 12:23:48 -0700
Subject: [PATCH] Add a password strength meter.

---
 modules/user/controllers/admin_users.php |  13 +++++---
 modules/user/controllers/password.php    |  11 ++++---
 modules/user/controllers/users.php       |   4 ++-
 modules/user/css/progressImg1.png        | Bin 0 -> 390 bytes
 modules/user/css/user.css                |  36 +++++++++++++++++++++
 modules/user/helpers/user_theme.php      |   2 ++
 modules/user/js/password_strength.js     |  39 +++++++++++++++++++++++
 modules/user/views/user_form.html.php    |   7 ++++
 8 files changed, 101 insertions(+), 11 deletions(-)
 create mode 100644 modules/user/css/progressImg1.png
 create mode 100644 modules/user/js/password_strength.js
 create mode 100644 modules/user/views/user_form.html.php

diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php
index 55a525ba99..ac5dc33c4c 100644
--- a/modules/user/controllers/admin_users.php
+++ b/modules/user/controllers/admin_users.php
@@ -63,7 +63,9 @@ public function add_user() {
   }
 
   public function add_user_form() {
-    print $this->_get_user_add_form_admin();
+    $v = new View("user_form.html");
+    $v->form = $this->_get_user_add_form_admin();
+    print $v;
   }
 
   public function delete_user($id) {
@@ -156,12 +158,13 @@ public function edit_user_form($id) {
       kohana::show_404();
     }
 
-    $form = $this->_get_user_edit_form_admin($user);
+    $v = new View("user_form.html");
+    $v->form = $this->_get_user_edit_form_admin($user);
     // Don't allow the user to control their own admin bit, else you can lock yourself out
     if ($user->id == identity::active_user()->id) {
-      $form->edit_user->admin->disabled(1);
+      $v->form->edit_user->admin->disabled(1);
     }
-    print $form;
+    print $v;
   }
 
   public function add_user_to_group($user_id, $group_id) {
@@ -330,7 +333,7 @@ static function _get_user_add_form_admin() {
     $form->add_rules_from(ORM::factory("user"));
 
     $minimum_length = module::get_var("user", "mininum_password_length", 5);
-    $form->edit_user->password
+    $form->add_user->password
       ->rules($minimum_length ? "length[$minimum_length, 40]" : "length[40]");
 
     module::event("user_add_form_admin", $user, $form);
diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index 888fb37d6b..5f36b554c2 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -32,7 +32,7 @@ public function do_reset() {
     if (request::method() == "post") {
       $this->_change_password();
     } else {
-      $user = user::lookup_user_by_field("hash", Input::instance()->get("key"));
+      $user = user::lookup_by_hash(Input::instance()->get("key"));
       if (!empty($user)) {
         print $this->_new_password_form($user->hash);
       } else {
@@ -46,7 +46,7 @@ private function _send_reset() {
 
     $valid = $form->validate();
     if ($valid) {
-      $user = identity::lookup_user_by_name($form->reset->inputs["name"]->value);
+      $user = user::lookup_by_name($form->reset->inputs["name"]->value);
       if (!$user->loaded || empty($user->email)) {
         $form->reset->inputs["name"]->add_error("no_email", 1);
         $valid = false;
@@ -110,19 +110,20 @@ private function _new_password_form($hash=null) {
       "mistyped", t("The password and the confirm password must match"));
     $group->submit("")->value(t("Update"));
 
-    $template->content = $form;
+    $template->content = new View("user_form.html");
+    $template->content->form = $form;
     return $template;
   }
 
   private function _change_password() {
     $view = $this->_new_password_form();
-    if ($view->content->validate()) {
+    if ($view->content->form->validate()) {
       $user = user::lookup_by_hash(Input::instance()->post("hash"));
       if (empty($user)) {
         throw new Exception("@todo FORBIDDEN", 503);
       }
 
-      $user->password = $view->content->reset->password->value;
+      $user->password = $view->content->form->reset->password->value;
       $user->hash = null;
       $user->save();
       message::success(t("Password reset successfully"));
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php
index 3507ec6d2e..7bcc74d721 100644
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
@@ -63,7 +63,9 @@ public function form_edit($id) {
       access::forbidden();
     }
 
-    print $this->_get_edit_form($user);
+    $v = new View("user_form.html");
+    $v->form = $this->_get_edit_form($user);
+    print $v;
   }
 
   private function _get_edit_form($user) {
diff --git a/modules/user/css/progressImg1.png b/modules/user/css/progressImg1.png
new file mode 100644
index 0000000000000000000000000000000000000000..a9093647cb45e1c8c2a50cad6f2878956f2f06b1
GIT binary patch
literal 390
zcmeAS@N?(olHy`uVBq!ia0vp^T|n&1!3-q*w(vv&DajJoh?3y^w370~qErUQl>DSr
z1<%~X^wgl##FWaylc_d9MV0|RA+GiH_5c6>fA;LzqeqW6J>t24|Ni7l3{Rgvtv$l{
z<jIrbEsVZf7@r(u_`ikW;lqdjyBOXjFkRIEYG&9aH)AT05-thy3kI5i1{gNg-r)dB
zAMtc?45_&F=JIL2CIbnVhpQ?MbD#Qczh;tO&-6{&Wn9nS{F`t<=Z90p>i6DpifiI{
z`?=!IYr2cd=Z5TArxh1Hb(h`!O<^mu*YDeZe9A;kyZ>Di6%5o3%}+hpp2{`j;2i$X
zev%wX5SF7PN7OqJgJw(nXJJ6*B_Ojh>x_D;LdLz|13b_EC)sH;I~LDoN;8;#q$ZH9
z>D7E7^LN6#DUA!HmN!VASvMp9ltX|lNUfE@ebHdI<qbcdS8*6HC|=yU^5^!e6G7hg
MboFyt=akR{04JcX!~g&Q

literal 0
HcmV?d00001

diff --git a/modules/user/css/user.css b/modules/user/css/user.css
index 3b5e7ac2d4..67d4f19606 100644
--- a/modules/user/css/user.css
+++ b/modules/user/css/user.css
@@ -54,3 +54,39 @@ li.g-group .g-user .g-button {
 li.g-default-group h4, li.g-default-group .g-user {
   color: gray;
 }
+
+.g-password-strength0 {
+  background: url(progressImg1.png) no-repeat 0 0;
+  width: 138px;
+  height: 7px;
+}
+.g-password-strength10 {
+  background-position:0 -7px;
+}
+.g-password-strength20 {
+  background-position:0 -14px;
+}
+.g-password-strength30 {
+  background-position:0 -21px;
+}
+.g-password-strength40 {
+  background-position:0 -28px;
+}
+.g-password-strength50 {
+  background-position:0 -35px;
+}
+.g-password-strength60 {
+  background-position:0 -42px;
+}
+.g-password-strength70 {
+  background-position:0 -49px;
+}
+.g-password-strength80 {
+  background-position:0 -56px;
+}
+.g-password-strength90 {
+  background-position:0 -63px;
+}
+.g-password-strength100 {
+  background-position:0 -70px;
+}
diff --git a/modules/user/helpers/user_theme.php b/modules/user/helpers/user_theme.php
index 191fd15ab6..31e2e8c0b6 100644
--- a/modules/user/helpers/user_theme.php
+++ b/modules/user/helpers/user_theme.php
@@ -20,9 +20,11 @@
 class user_theme_Core {
   static function head($theme) {
     $theme->css("user.css");
+    $theme->script("password_strength.js");
   }
 
   static function admin_head($theme) {
     $theme->css("user.css");
+    $theme->script("password_strength.js");
   }
 }
\ No newline at end of file
diff --git a/modules/user/js/password_strength.js b/modules/user/js/password_strength.js
new file mode 100644
index 0000000000..2442b8de00
--- /dev/null
+++ b/modules/user/js/password_strength.js
@@ -0,0 +1,39 @@
+(function($) {
+   // Based on the Password Strength Indictor By Benjamin Sterling
+   // http://benjaminsterling.com/password-strength-indicator-and-generator/
+   $.widget("ui.user_password_strength",  {
+     _init: function() {
+       var self = this;
+       $(this.element).keyup(function() {
+	 var strength = self.calculateStrength (this.value);
+	 var index = Math.min(Math.floor( strength / 10 ), 10);
+         $("#g-password-gauge")
+           .removeAttr('class')
+	   .addClass( "g-password-strength0" )
+	   .addClass( self.options.classes[ index ] );
+       }).after("<div id='g-password-gauge' class='g-password-strength0'></div>");
+     },
+
+     calculateStrength: function(value) {
+       // Factor in the length of the password
+       var strength = Math.min(5, value.length) * 10 - 20;
+       // Factor in the number of numbers
+       strength += Math.min(3, value.length - value.replace(/[0-9]/g,"").length) * 10;
+       // Factor in the number of non word characters
+       strength += Math.min(3, value.length - value.replace(/\W/g,"").length) * 15;
+       // Factor in the number of Upper case letters
+       strength += Math.min(3, value.length - value.replace(/[A-Z]/g,"").length) * 10;
+
+       // Normalizxe between 0 and 100
+       return Math.max(0, Math.min(100, strength));
+     }
+   });
+   $.extend($.ui.user_password_strength,  {
+     defaults: {
+	classes : ['g-password-strength10', 'g-password-strength20', 'g-password-strength30',
+                   'g-password-strength40', 'g-password-strength50', 'g-password-strength60',
+                   'g-password-strength70',' g-password-strength80',' g-password-strength90',
+                   'g-password-strength100']
+     }
+   });
+ })(jQuery);
diff --git a/modules/user/views/user_form.html.php b/modules/user/views/user_form.html.php
new file mode 100644
index 0000000000..039ae8a57a
--- /dev/null
+++ b/modules/user/views/user_form.html.php
@@ -0,0 +1,7 @@
+<?php defined("SYSPATH") or die("No direct script access.") ?>
+<script  type="text/javascript">
+  $("form").ready(function(){
+    $('input[name="password"]').user_password_strength();
+  });
+</script>
+<?= $form ?>