MediaWiki  1.32.5
PasswordPolicyChecks Class Reference

Functions to check passwords against a policy requirement. More...

Static Public Member Functions

static checkMaximalPasswordLength ( $policyVal, User $user, $password)
 Check password is shorter than maximum, fatal. More...
 
static checkMinimalPasswordLength ( $policyVal, User $user, $password)
 Check password is longer than minimum, not fatal. More...
 
static checkMinimumPasswordLengthToLogin ( $policyVal, User $user, $password)
 Check password is longer than minimum, fatal. More...
 
static checkPasswordCannotMatchBlacklist ( $policyVal, User $user, $password)
 Check if username and password are on a blacklist. More...
 
static checkPasswordCannotMatchUsername ( $policyVal, User $user, $password)
 Check if username and password match. More...
 
static checkPopularPasswordBlacklist ( $policyVal, User $user, $password)
 Ensure that password isn't in top X most popular passwords. More...
 

Detailed Description

Functions to check passwords against a policy requirement.

Since
1.26

Definition at line 30 of file PasswordPolicyChecks.php.

Member Function Documentation

◆ checkMaximalPasswordLength()

static PasswordPolicyChecks::checkMaximalPasswordLength (   $policyVal,
User  $user,
  $password 
)
static

Check password is shorter than maximum, fatal.

Parameters
int$policyValmaximum length
User$user
string$password
Returns
Status fatal if $password is shorter than $policyVal

Definition at line 71 of file PasswordPolicyChecks.php.

References StatusValue\newGood().

Referenced by PasswordPolicyChecksTest\testCheckMaximalPasswordLength().

◆ checkMinimalPasswordLength()

static PasswordPolicyChecks::checkMinimalPasswordLength (   $policyVal,
User  $user,
  $password 
)
static

Check password is longer than minimum, not fatal.

Parameters
int$policyValminimal length
User$user
string$password
Returns
Status error if $password is shorter than $policyVal

Definition at line 39 of file PasswordPolicyChecks.php.

References StatusValue\newGood().

Referenced by PasswordPolicyChecksTest\testCheckMinimalPasswordLength().

◆ checkMinimumPasswordLengthToLogin()

static PasswordPolicyChecks::checkMinimumPasswordLengthToLogin (   $policyVal,
User  $user,
  $password 
)
static

Check password is longer than minimum, fatal.

Intended for locking out users with passwords too short to trust, requiring them to recover their account by some other means.

Parameters
int$policyValminimal length
User$user
string$password
Returns
Status fatal if $password is shorter than $policyVal

Definition at line 56 of file PasswordPolicyChecks.php.

References StatusValue\newGood().

Referenced by PasswordPolicyChecksTest\testCheckMinimumPasswordLengthToLogin().

◆ checkPasswordCannotMatchBlacklist()

static PasswordPolicyChecks::checkPasswordCannotMatchBlacklist (   $policyVal,
User  $user,
  $password 
)
static

Check if username and password are on a blacklist.

Parameters
bool$policyValtrue to force compliance.
User$user
string$password
Returns
Status error if username and password match, and policy is true

Definition at line 105 of file PasswordPolicyChecks.php.

References $user, $username, and StatusValue\newGood().

Referenced by PasswordPolicyChecksTest\testCheckPasswordCannotMatchBlacklist().

◆ checkPasswordCannotMatchUsername()

static PasswordPolicyChecks::checkPasswordCannotMatchUsername (   $policyVal,
User  $user,
  $password 
)
static

Check if username and password match.

Parameters
bool$policyValtrue to force compliance.
User$user
string$password
Returns
Status error if username and password match, and policy is true

Definition at line 86 of file PasswordPolicyChecks.php.

References $user, $username, and StatusValue\newGood().

Referenced by PasswordPolicyChecksTest\testCheckPasswordCannotMatchUsername().

◆ checkPopularPasswordBlacklist()

static PasswordPolicyChecks::checkPopularPasswordBlacklist (   $policyVal,
User  $user,
  $password 
)
static

Ensure that password isn't in top X most popular passwords.

Parameters
int$policyValCut off to use. Will automatically shrink to the max supported for error messages if set to more than max number of passwords on file, so you can use the PHP_INT_MAX constant here safely.
User$user
string$password
Since
1.27
Returns
Status

Definition at line 137 of file PasswordPolicyChecks.php.

References $res, $wgPopularPasswordFile, $wgSitename, Language\factory(), StatusValue\newGood(), and Makefile\open.

Referenced by PasswordPolicyChecksTest\testCheckPopularPasswordBlacklist().


The documentation for this class was generated from the following file: