Added password strength meter and generator for the CMS

jbroadway · May 29, 2012 · 05343f9 · 05343f9
1 parent 65c9b62
commit 05343f9
Show file tree

Hide file tree

Showing 11 changed files with 488 additions and 53 deletions.
diff --git a/inc/app/usradm/boxes/add/user/index.php b/inc/app/usradm/boxes/add/user/index.php
@@ -50,6 +50,9 @@ function teams_select_all (field) {
 
 global $cgi;
 
+$form->widgets['passwd']->turnOnHelp('password_verify'); //password generator & strength indicator
+
+
 if ($form->invalid ($cgi)) {
 	$form->extra = 'id="usradm-user" class="usradm-user" autocomplete="off"';
 	$form->widgets['_username']->extra = 'autocomplete="off"';

diff --git a/inc/app/usradm/boxes/edit/user/index.php b/inc/app/usradm/boxes/edit/user/index.php
@@ -47,6 +47,8 @@ function teams_select_all (field) {
 $snm =& session_get_manager ();
 $form =& $snm->user->getEditForm ($cgi->_key);
 
+$form->widgets['passwd']->turnOnHelp('password_verify'); //password generator & strength indicator
+
 if ($form->invalid ($cgi)) {
 	$form->extra = 'id="usradm-user" class="usradm-user" autocomplete="off"';
 	$form->widgets['passwd']->extra = 'autocomplete="off"';

diff --git a/inc/app/usradm/forms/settings/index.php b/inc/app/usradm/forms/settings/index.php
@@ -37,6 +37,7 @@ function onSubmit ($vals) {
 		unset ($vals['Server']);
 		unset ($vals['I18n']);
         unset ($vals['Emailing']);
+		unset ($vals['Security']);
 		unset ($vals['Messaging']);
 		unset ($vals['Services']);
 		unset ($vals['submit_button']);

diff --git a/inc/app/usradm/forms/settings/settings.php b/inc/app/usradm/forms/settings/settings.php
@@ -200,6 +200,17 @@
 
 type = hidden
 
+[Security]
+
+type = section
+title = Security
+
+[Security_min_password_length]
+
+type = text
+alt = Min. password length
+formhelp = "Min. length of passwords with form help of makestrong on."
+
 [Emailing]
 
 type = section

diff --git a/inc/conf/config.ini.php b/inc/conf/config.ini.php
@@ -1,124 +1,128 @@
 ; <?php /* DO NOT ALTER THIS LINE, IT IS HERE FOR SECURITY REASONS
 ;
 ; WARNING: This file was automatically generated, and it may
-; not be wise to edit it by hand.  If there is an interface
+; not be wise to edit it by hand. If there is an interface
 ; to modify files of this type, please use that interface
-; instead of manually editing this file.  If you are not sure
+; instead of manually editing this file. If you are not sure
 ; or are not aware of such an interface, please talk to your
 ; Sitellite administrator first.
 ;
 
 [Database]
 
-connection_name         = mysqlweb
+connection_name = mysqlweb
 
-driver                  = MySQL
+driver = MySQL
 
-hostname                = localhost
+hostname = localhost
 
-database                = DBNAME
+database = DBNAME
 
-username                = USER
+username = USER
 
-password                = PASS
+password = PASS
 
-persistent              = Off
+persistent = Off
 
 [Site]
 
-domain                  = DOMAIN
+domain = DOMAIN
 
-usedocroot              = Off
+usedocroot = Off
 
-docroot                 = Off
+docroot = Off
 
-prefix                  = Off
+prefix = Off
 
-secure                  = Off
+secure = Off
 
-safpath                 = saf
+safpath = saf
 
-remove_index            = On
+remove_index = On
 
 new_pages_under_current = Off
 
 [Server]
 
-default_handler         = index
+default_handler = index
 
-default_handler_type    = document
+default_handler_type = document
 
-default_template_set    = default
+default_template_set = default
 
-default_template        = default
+default_template = default
 
-error_handler           = sitellite/error
+error_handler = sitellite/error
 
-error_handler_type      = box
+error_handler_type = box
 
-send_version_header     = On
+send_version_header = On
 
-default_app             = webapp
+default_app = webapp
 
-debug                   = Off
+debug = Off
 
-compress_output         = Off
+compress_output = Off
 
-error_reporting         = "E_ALL ^ E_NOTICE"
+error_reporting = "E_ALL ^ E_NOTICE"
 
-xsendfile               = readfile
+xsendfile = readfile
 
 [I18n]
 
-directory               = inc/lang
+directory = inc/lang
 
-negotiate               = url
+negotiate = url
 
-serialize               = plain
+serialize = plain
+
+[Security]
+
+min_password_length     = 8
 
 [Emailing]
 
-mta                     = mail
+mta = mail
 
-template                = default.spt
+template = default.spt
 
-from_name               = Sitellite OpenSource
+from_name = Sitellite OpenSource
 
-from_email              = info@sitellite.org
+from_email = info@sitellite.org
 
-use_html                = On
+use_html = On
 
-use_nomail              = Off
+use_nomail = Off
 
-overrule_from           = On
+overrule_from = On
 
 [Messaging]
 
-return_address          = Off
+return_address = Off
 
-email_server            = Off
+email_server = Off
 
-email_port              = 110
+email_port = 110
 
-email_username          = Off
+email_username = Off
 
-email_password          = Off
+email_password = Off
 
-jabber                  = Off
+jabber = Off
 
-jabber_server           = Off
+jabber_server = Off
 
-jabber_port             = 5222
+jabber_port = 5222
 
-jabber_username         = Off
+jabber_username = Off
 
-jabber_password         = Off
+jabber_password = Off
 
 [Services]
 
-recaptcha_public_key    = Off
+recaptcha_public_key = Off
 
-recaptcha_private_key   = Off
+recaptcha_private_key = Off
 
 ;
 ; THE END

diff --git a/js/jquery.pstrength-1.2.js b/js/jquery.pstrength-1.2.js
@@ -0,0 +1,137 @@
+(function (A) {
+    A.extend(A.fn, {
+        pstrength: function (B) {
+            var B = A.extend({
+                verdects: ["Very weak", "Weak", "Medium", "Strong", "Very strong", "Unsafe password word!", "Too short", "Minimum number of characters is"],
+                colors: ["#f00", "#c06", "#f60", "#3c0", "#3f0"],
+                scores: [10, 15, 30, 40],
+                common: ["password", "123456", "123", "qwerty"],
+                minchar: 6
+            }, B);
+            return this.each(function () {
+                var C = A(this).attr("id");
+                $("#dialoglink").after("<div class=\"pstrength-minchar\" id=\"" + C + "_minchar\">" + B.verdects[7] + " " + B.minchar + "</div>");
+                $("#dialoglink").after("<div class=\"pstrength-info\" id=\"" + C + "_text\"></div>");
+                $("#dialoglink").after("<div style=\"width: " + (A(this).outerWidth()-1) + "px;\"><div class=\"pstrength-bar\" id=\"" + C + "_bar\" style=\"border: 1px solid white; font-size: 1px; height: 5px; width: 0px;\"></div></div>");
+                A(this).keyup(function () {
+                    A.fn.runPassword(A(this).val(), C, B)
+                });
+				A.fn.runPassword(A(this).val(), C, B);
+            })
+        },
+        runPassword: function (D, F, C) {
+            nPerc = A.fn.checkPassword(D, C);
+            var B = "#" + F + "_bar";
+            var E = "#" + F + "_text";
+            if (nPerc == -200) {
+                strColor = "#f00";
+                strText = C.verdects[5];
+                A(B).css({
+                    width: "0%"
+                })
+            } else {
+                if (nPerc < 0 && nPerc > -199) {
+                    strColor = "#ccc";
+                    strText = C.verdects[6];
+                    A(B).css({
+                        width: "5%"
+                    })
+                } else {
+                    if (nPerc <= C.scores[0]) {
+                        strColor = C.colors[0];
+                        strText = C.verdects[0];
+                        A(B).css({
+                            width: "10%"
+                        })
+                    } else {
+                        if (nPerc > C.scores[0] && nPerc <= C.scores[1]) {
+                            strColor = C.colors[1];
+                            strText = C.verdects[1];
+                            A(B).css({
+                                width: "25%"
+                            })
+                        } else {
+                            if (nPerc > C.scores[1] && nPerc <= C.scores[2]) {
+                                strColor = C.colors[2];
+                                strText = C.verdects[2];
+                                A(B).css({
+                                    width: "50%"
+                                })
+                            } else {
+                                if (nPerc > C.scores[2] && nPerc <= C.scores[3]) {
+                                    strColor = C.colors[3];
+                                    strText = C.verdects[3];
+                                    A(B).css({
+                                        width: "75%"
+                                    })
+                                } else {
+                                    strColor = C.colors[4];
+                                    strText = C.verdects[4];
+                                    A(B).css({
+                                        width: "100%"
+                                    })
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            A(B).css({
+                backgroundColor: strColor
+            });
+            A(E).html("<span style='color: " + strColor + ";'>" + strText + "</span>")
+        },
+        checkPassword: function (C, B) {
+            var F = 0;
+            var E = B.verdects[0];
+            if (C.length < B.minchar) {
+                F = (F - 100)
+            } else {
+                if (C.length >= B.minchar && C.length <= (B.minchar + 2)) {
+                    F = (F + 6)
+                } else {
+                    if (C.length >= (B.minchar + 3) && C.length <= (B.minchar + 4)) {
+                        F = (F + 12)
+                    } else {
+                        if (C.length >= (B.minchar + 5)) {
+                            F = (F + 18)
+                        }
+                    }
+                }
+            }
+            if (C.match(/[a-z]/)) {
+                F = (F + 1)
+            }
+            if (C.match(/[A-Z]/)) {
+                F = (F + 5)
+            }
+            if (C.match(/\d+/)) {
+                F = (F + 5)
+            }
+            if (C.match(/(.*[0-9].*[0-9].*[0-9])/)) {
+                F = (F + 7)
+            }
+            if (C.match(/.[!,@,#,$,%,^,&,*,?,_,~]/)) {
+                F = (F + 5)
+            }
+            if (C.match(/(.*[!,@,#,$,%,^,&,*,?,_,~].*[!,@,#,$,%,^,&,*,?,_,~])/)) {
+                F = (F + 7)
+            }
+            if (C.match(/([a-z].*[A-Z])|([A-Z].*[a-z])/)) {
+                F = (F + 2)
+            }
+            if (C.match(/([a-zA-Z])/) && C.match(/([0-9])/)) {
+                F = (F + 3)
+            }
+            if (C.match(/([a-zA-Z0-9].*[!,@,#,$,%,^,&,*,?,_,~])|([!,@,#,$,%,^,&,*,?,_,~].*[a-zA-Z0-9])/)) {
+                F = (F + 3)
+            }
+            for (var D = 0; D < B.common.length; D++) {
+                if (C.toLowerCase() == B.common[D]) {
+                    F = -200
+                }
+            }
+            return F
+        }
+    })
+})(jQuery)
diff --git a/js/jquery.pstrength-1.2.min.js b/js/jquery.pstrength-1.2.min.js
diff --git a/js/modalwindow.css b/js/modalwindow.css
@@ -0,0 +1,29 @@
+/* Z-index of #mask must lower than #boxes .window */
+#mask {
+  position:absolute;
+  z-index:9000;
+  background-color:#000;
+  display:none;
+  top:0;
+  left: 0;
+}
+
+#boxes .window {
+  position:absolute;
+  width:440px;
+  height:200px;
+  display:none;
+  z-index:9999;
+  padding:20px;
+}
+
+
+/* Customize your modal window here, you can add background image too */
+#boxes #dialog {
+  width:475px;
+  height:280px;
+  background-color: #ffffff;
+}
+#boxes #dialog #passgen {
+	margin-top: 10px;
+}