Skip to content
Snippets Groups Projects
Normal view Permalink
validation.php 2.59 KiB
Newer Older
  • Learn to ignore specific revisions
    • Denis Walker's avatar
    Moves project into "trunk" directory
    Denis Walker committed
    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 
    <?
/* useful validation functions */

//check for a valid email address
function validEmail ($email)
{
	global $error;
	//split user and domain
	list($user,$domain) = explode("@", $email);
	// check for bad characters, and check for zero length user & domain
	if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$",$email) or !$user or !$domain )
	{
		$error = 'an invalid email address (syntax)';
		return false;
	}
	// Syntax OK
	
	// Check for an mail server
	elseif(!getmxrr($domain,$mx) or !gethostbyname($domain)) 
	{
		$error = "no mail servers listed for '$domain'";
		return false;
	}
	else 
	{
		// Email address valid from technical point of view
		return true;
	}
}

// test whether a password is considered Strong Enough
// ideally we'd want to use cracklib or something here, but no RPM for the php bindings :-(
    Justin Mitchell's avatar
    Use cracklib for password checking and feedback the reason to the user  
    Justin Mitchell committed
    33 
    // dont use this, use weakPassword instead it uses cracklib
    Denis Walker's avatar
    Moves project into "trunk" directory
    Denis Walker committed
    34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 
    function strongPassword ($pass) {

	// you call this a password? my cat could bruteforce this.
	if (strlen($pass) < 6) {
		return false;
	}
	
// start at 0, and increment for certain features
	$score = 0;


// greater than 8 characters
	if (strlen($pass) > 8) $score++;	
// includes lowercase characters
	if (preg_match("/[a-z]/", $pass)) $score++;
// includes uppercase characters
	if (preg_match("/[A-Z]/", $pass)) $score++;
// includes digits
	if (preg_match("/\d/", $pass)) $score++;
// includes "non-word" characters
	if (preg_match("/\W/", $pass)) $score++;

// I reckons if it has at least 3 of the above it should be... adequate
// better if it checked for dictionary words too though
	if ($score > 3) {
		return true;
	} else {
		return false;
	}
}
    Justin Mitchell's avatar
    Use cracklib for password checking and feedback the reason to the user  
    Justin Mitchell committed
    65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 
    # Use cracklib to check for weak passwords.
# returns FALSE if the password is good i.e. not weak
# otherwise returns a string saying why its weak
function weakPassword($password)
{
	// Try fedora then debian known paths
	if (file_exists("/usr/sbin/cracklib-check"))
		$cracklib = "/usr/sbin/cracklib-check";
	else
	if (file_exists("/usr/sbin/crack_testlib"))
		$cracklib = "/usr/sbin/crack_testlib";
	else
		return "Cannot find cracklib";

	$proc = proc_open($cracklib, array(0=>array("pipe","r"),1=>array("pipe","w")),$pipes,'/tmp/',NULL);
	if (!is_resource($proc)) {
		return "Cannot find cracklib";
	}
	fwrite($pipes[0], $password);
	fclose($pipes[0]);
	$last = "";
	do {
		$last = fgets($pipes[1]);
		if ($last !== FALSE) $answer = trim($last);
	} while ($last !== FALSE);
	fclose($pipes[1]);
	proc_close($proc);
	$answer = substr(strrchr($answer,":"),2);
	if (strtolower($answer) == "ok") return FALSE;
	if ($answer == "") return("Empty password");
	return $answer;
}
    Denis Walker's avatar
    Moves project into "trunk" directory
    Denis Walker committed
    98 
    ?>