<?
/* useful validation functions */

//check for a valid email address
function validEmail ($email)
{
	global $error;
	//split user and domain
	list($user,$domain) = explode("@", $email);
	// check for bad characters, and check for zero length user & domain
	if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$",$email) or !$user or !$domain )
	{
		$error = 'an invalid email address (syntax)';
		return false;
	}
	// Syntax OK
	
	// Check for an mail server
	elseif(!getmxrr($domain,$mx) or !gethostbyname($domain)) 
	{
		$error = "no mail servers listed for '$domain'";
		return false;
	}
	else 
	{
		// Email address valid from technical point of view
		return true;
	}
}

// test whether a password is considered Strong Enough
// ideally we'd want to use cracklib or something here, but no RPM for the php bindings :-(
// dont use this, use weakPassword instead it uses cracklib
function strongPassword ($pass) {

	// you call this a password? my cat could bruteforce this.
	if (strlen($pass) < 6) {
		return false;
	}
	
// start at 0, and increment for certain features
	$score = 0;


// greater than 8 characters
	if (strlen($pass) > 8) $score++;	
// includes lowercase characters
	if (preg_match("/[a-z]/", $pass)) $score++;
// includes uppercase characters
	if (preg_match("/[A-Z]/", $pass)) $score++;
// includes digits
	if (preg_match("/\d/", $pass)) $score++;
// includes "non-word" characters
	if (preg_match("/\W/", $pass)) $score++;

// I reckons if it has at least 3 of the above it should be... adequate
// better if it checked for dictionary words too though
	if ($score > 3) {
		return true;
	} else {
		return false;
	}
}

# Use cracklib to check for weak passwords.
# returns FALSE if the password is good i.e. not weak
# otherwise returns a string saying why its weak
function weakPassword($password)
{
	// Try fedora then debian known paths
	if (file_exists("/usr/sbin/cracklib-check"))
		$cracklib = "/usr/sbin/cracklib-check";
	else
	if (file_exists("/usr/sbin/crack_testlib"))
		$cracklib = "/usr/sbin/crack_testlib";
	else
		return "Cannot find cracklib";

	$proc = proc_open($cracklib, array(0=>array("pipe","r"),1=>array("pipe","w")),$pipes,'/tmp/',NULL);
	if (!is_resource($proc)) {
		return "Cannot find cracklib";
	}
	fwrite($pipes[0], $password);
	fclose($pipes[0]);
	$last = "";
	do {
		$last = fgets($pipes[1]);
		if ($last !== FALSE) $answer = trim($last);
	} while ($last !== FALSE);
	fclose($pipes[1]);
	proc_close($proc);
	$answer = substr(strrchr($answer,":"),2);
	if (strtolower($answer) == "ok") return FALSE;
	if ($answer == "") return("Empty password");
	return $answer;
}

?>