Changeset 13189
- Timestamp:
- 12/16/2021 06:16:38 PM (3 years ago)
- Location:
- trunk/src
- Files:
-
- 1 deleted
- 8 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/bp-members/bp-members-functions.php
r13170 r13189 3764 3764 return is_multisite() && in_array( bp_core_get_root_option( 'registration' ), $matches, true ); 3765 3765 } 3766 3767 /** 3768 * Returns the strength score a password needs to have to be used by a member. 3769 * 3770 * Score => Allowed Strength. 3771 * 0 => any passwords. 3772 * 1 => at least short passwords. 3773 * 2 => at least weak passwords. 3774 * 3 => at least good passwords. 3775 * 4 => at least strong passwords. 3776 * 3777 * @since 10.0.0 3778 * 3779 * @return int the strength score a password needs to have to be used by a member. 3780 */ 3781 function bp_members_user_pass_required_strength() { 3782 $default_strength = 0; 3783 if ( defined( 'BP_MEMBERS_REQUIRED_PASSWORD_STRENGTH' ) && BP_MEMBERS_REQUIRED_PASSWORD_STRENGTH ) { 3784 $default_strength = (int) BP_MEMBERS_REQUIRED_PASSWORD_STRENGTH; 3785 } 3786 3787 /** 3788 * Filter here to raise the strength score user passwords need to reach to be allowed. 3789 * 3790 * @since 10.0.0 3791 * 3792 * @param int $default_strength The strength score user passwords need to reach to be allowed. 3793 */ 3794 return (int) apply_filters( 'bp_members_user_pass_required_strength', $default_strength ); 3795 } -
trunk/src/bp-members/screens/register.php
r13170 r13189 16 16 $bp = buddypress(); 17 17 18 if ( ! bp_is_current_component( 'register' ) || bp_current_action() ) 18 if ( ! bp_is_current_component( 'register' ) || bp_current_action() ) { 19 19 return; 20 } 20 21 21 22 // Not a directory. … … 88 89 } 89 90 90 $signup_pass = ''; 91 if ( isset( $_POST['signup_password'] ) ) { 92 $signup_pass = wp_unslash( $_POST['signup_password'] ); 93 } 94 95 $signup_pass_confirm = ''; 96 if ( isset( $_POST['signup_password_confirm'] ) ) { 97 $signup_pass_confirm = wp_unslash( $_POST['signup_password_confirm'] ); 98 } 99 100 // Check the account password for problems. 101 $account_password = bp_members_validate_user_password( $signup_pass, $signup_pass_confirm ); 102 $password_error = $account_password->get_error_message(); 91 // Password strength check. 92 $required_password_strength = bp_members_user_pass_required_strength(); 93 $current_password_strength = null; 94 if ( isset( $_POST['_password_strength_score'] ) ) { 95 $current_password_strength = (int) $_POST['_password_strength_score']; 96 } 97 98 if ( $required_password_strength && ! is_null( $current_password_strength ) && $required_password_strength > $current_password_strength ) { 99 $account_password = new WP_Error( 100 'not_strong_enough_password', 101 __( 'Your password is not strong enougth to be allowed on this site. Please use a stronger password.', 'buddypress' ) 102 ); 103 } else { 104 $signup_pass = ''; 105 if ( isset( $_POST['signup_password'] ) ) { 106 $signup_pass = wp_unslash( $_POST['signup_password'] ); 107 } 108 109 $signup_pass_confirm = ''; 110 if ( isset( $_POST['signup_password_confirm'] ) ) { 111 $signup_pass_confirm = wp_unslash( $_POST['signup_password_confirm'] ); 112 } 113 114 // Check the account password for problems. 115 $account_password = bp_members_validate_user_password( $signup_pass, $signup_pass_confirm ); 116 } 117 118 $password_error = $account_password->get_error_message(); 103 119 104 120 if ( $password_error ) { -
trunk/src/bp-settings/actions/general.php
r13090 r13189 74 74 // User is changing email address. 75 75 if ( $old_user_email !== $user_email ) { 76 77 76 // Run some tests on the email address. 78 77 $email_checks = bp_core_validate_email_address( $user_email ); … … 135 134 $pass = wp_unslash( $_POST['pass1'] ); 136 135 $pass_confirm = wp_unslash( $_POST['pass2'] ); 137 $pass_error = bp_members_validate_user_password( $pass, $pass_confirm, $update_user ); 138 139 if ( ! $pass_error->get_error_message() ) { 140 // Password change attempt is successful. 141 if ( ( ! empty( $_POST['pwd'] ) && wp_unslash( $_POST['pwd'] ) !== $pass ) || is_super_admin() ) { 142 $update_user['user_pass'] = $_POST['pass1']; 143 $pass_error = false; 144 $pass_changed = true; 145 146 // The new password is the same as the current password. 147 } else { 148 $pass_error->add( 'same_user_password', __( 'The new password must be different from the current password.', 'buddypress' ) ); 136 137 // Password strength check. 138 $required_password_strength = bp_members_user_pass_required_strength(); 139 $current_password_strength = null; 140 if ( isset( $_POST['_password_strength_score'] ) ) { 141 $current_password_strength = (int) $_POST['_password_strength_score']; 142 } 143 144 if ( $required_password_strength && ! is_null( $current_password_strength ) && $required_password_strength > $current_password_strength ) { 145 $pass_error = new WP_Error( 146 'not_strong_enough_password', 147 __( 'Your password is not strong enougth to be allowed on this site. Please use a stronger password.', 'buddypress' ) 148 ); 149 } else { 150 $pass_error = bp_members_validate_user_password( $pass, $pass_confirm, $update_user ); 151 152 if ( ! $pass_error->get_error_message() ) { 153 // Password change attempt is successful. 154 if ( ( ! empty( $_POST['pwd'] ) && wp_unslash( $_POST['pwd'] ) !== $pass ) || is_super_admin() ) { 155 $update_user['user_pass'] = $_POST['pass1']; 156 $pass_error = false; 157 $pass_changed = true; 158 159 // The new password is the same as the current password. 160 } else { 161 $pass_error->add( 'same_user_password', __( 'The new password must be different from the current password.', 'buddypress' ) ); 162 } 149 163 } 150 164 } -
trunk/src/bp-templates/bp-legacy/buddypress-functions.php
r13160 r13189 7 7 * @package BuddyPress 8 8 * @subpackage BP_Theme_Compat 9 * @version 3.1.09 * @version 10.0.0 10 10 */ 11 11 … … 338 338 339 339 // Enqueue script. 340 wp_enqueue_script( $asset['handle'] . '-password-verify', $asset['location'], $dependencies, $this->version); 340 wp_enqueue_script( $asset['handle'] . '-password-verify', $asset['location'], $dependencies, $this->version ); 341 wp_localize_script( 342 $asset['handle'] . '-password-verify', 343 'bpPasswordVerify', 344 array( 345 'tooWeakPasswordWarning' => __( 'Your password is too weak, please use a stronger password.', 'buddypress' ), 346 'requiredPassStrength' => bp_members_user_pass_required_strength(), 347 ) 348 ); 341 349 } 342 350 -
trunk/src/bp-templates/bp-legacy/js/password-verify.js
r12856 r13189 1 1 /* jshint undef: false */ 2 2 /* @since 1.7.0 */ 3 /* @version 8.0.0 */3 /* @version 10.0.0 */ 4 4 /* Password Verify */ 5 5 ( function( $ ){ 6 function check_pass_strength( ) {6 function check_pass_strength( event ) { 7 7 var pass1 = $( '.password-entry' ).val(), 8 8 pass2 = $( '.password-entry-confirm' ).val(), 9 strength; 9 currentForm = $( '.password-entry' ).closest( 'form' ), 10 strength, requiredStrength; 11 12 if ( 'undefined' !== typeof window.bpPasswordVerify && window.bpPasswordVerify.requiredPassStrength ) { 13 requiredStrength = parseInt( window.bpPasswordVerify.requiredPassStrength, 10 ); 14 } 10 15 11 16 // Reset classes and result text … … 40 45 break; 41 46 } 47 48 if ( requiredStrength && 4 >= requiredStrength ) { 49 var passwordWarningContainer = $( currentForm ).find( '#password-warning' ); 50 51 if ( strength < requiredStrength ) { 52 if ( ! $( passwordWarningContainer ).length ) { 53 $( event.currentTarget ).before( 54 $( '<p></p>' ).prop( 'id', 'password-warning' ) 55 .addClass( 'description' ) 56 ); 57 } 58 59 $( passwordWarningContainer ).html( bpPasswordVerify.tooWeakPasswordWarning ); 60 } else if ( $( passwordWarningContainer ).length ) { 61 $( passwordWarningContainer ).remove(); 62 } 63 64 if ( ! $( currentForm ).find( '#password-strength-score' ).length ) { 65 $( currentForm ).prepend( 66 $('<input></input>').prop( { 67 id: 'password-strength-score', 68 type: 'hidden', 69 'name': '_password_strength_score' 70 } ) 71 ); 72 } 73 74 $( '#password-strength-score' ).val( strength ); 75 } 42 76 } 43 77 -
trunk/src/bp-templates/bp-nouveau/buddypress-functions.php
r13153 r13189 385 385 } 386 386 387 // Add The password verify if needed.388 if ( bp_is_active( 'settings' ) || bp_get_signup_allowed() ) {389 /**390 * BP Nouveau is now directly using the `wp-admin/js/user-profile.js` script.391 *392 * Setting the user password is now more consistent with how WordPress handles it.393 *394 * @deprecated 5.0.0395 */396 $scripts['bp-nouveau-password-verify'] = array(397 'file' => 'js/password-verify%s.js',398 'dependencies' => array( 'bp-nouveau', 'password-strength-meter' ),399 'footer' => true,400 );401 }402 403 387 foreach ( $scripts as $handle => $script ) { 404 388 if ( ! isset( $script['file'] ) ) { … … 531 515 if ( is_customize_preview() ) { 532 516 $params['customizer_settings'] = bp_nouveau_get_temporary_setting( 'any' ); 517 } 518 519 $required_password_strength = bp_members_user_pass_required_strength(); 520 if ( $required_password_strength ) { 521 $params['bpPasswordVerify'] = array( 522 'tooWeakPasswordWarning' => __( 'Your password is too weak, please use a stronger password.', 'buddypress' ), 523 'requiredPassStrength' => bp_members_user_pass_required_strength(), 524 ); 533 525 } 534 526 -
trunk/src/bp-templates/bp-nouveau/includes/template-tags.php
r13145 r13189 2371 2371 ?> 2372 2372 <label for="pass1"><?php esc_html_e( 'Choose a Password (required)', 'buddypress' ); ?></label> 2373 <?php if ( isset( buddypress()->signup->errors['signup_password'] ) ) : 2374 nouveau_error_template( buddypress()->signup->errors['signup_password'] ); 2375 endif; ?> 2376 2373 2377 <div class="user-pass1-wrap"> 2374 2378 <div class="wp-pwd"> -
trunk/src/bp-templates/bp-nouveau/js/buddypress-nouveau.js
r13136 r13189 3 3 /* jshint browser: true */ 4 4 /* @since 3.0.0 */ 5 /* @version 8.0.0 */5 /* @version 10.0.0 */ 6 6 window.wp = window.wp || {}; 7 7 window.bp = window.bp || {}; … … 469 469 // Pagination. 470 470 $( '#buddypress [data-bp-list]' ).on( 'click', '[data-bp-pagination] a', this, this.paginateAction ); 471 472 // Password updates. 473 if ( BP_Nouveau.bpPasswordVerify && BP_Nouveau.bpPasswordVerify.requiredPassStrength ) { 474 $( '#pass1' ).on( 'input pwupdate', this.checkPassStrength ); 475 } 471 476 }, 472 477 … … 824 829 // Request the page. 825 830 self.objectRequest( queryData ); 831 }, 832 833 checkPassStrength: function( event ) { 834 var bpPasswordVerify = BP_Nouveau.bpPasswordVerify, strength, 835 requiredStrength = parseInt( bpPasswordVerify.requiredPassStrength, 10 ), 836 pass1 = $( event.currentTarget ).val(), pass2 = $( '#pass2' ).val(), 837 currentForm = $( event.currentTarget ).closest( 'form' ); 838 839 840 // wp.passwordStrength.userInputBlacklist() has been deprecated in WP 5.5.0. 841 if ( 'function' === typeof wp.passwordStrength.userInputDisallowedList ) { 842 strength = wp.passwordStrength.meter( pass1, wp.passwordStrength.userInputDisallowedList(), pass2 ); 843 } else { 844 strength = wp.passwordStrength.meter( pass1, wp.passwordStrength.userInputBlacklist(), pass2 ); 845 } 846 847 if ( requiredStrength && 4 >= requiredStrength ) { 848 var passwordWarningContainer = $( currentForm ).find( '#password-warning' ); 849 850 if ( strength < requiredStrength ) { 851 if ( ! $( passwordWarningContainer ).length ) { 852 $( event.currentTarget ).before( 853 $( '<p></p>' ).prop( 'id', 'password-warning' ) 854 .addClass( 'description' ) 855 ); 856 } 857 858 $( passwordWarningContainer ).html( bpPasswordVerify.tooWeakPasswordWarning ); 859 } else if ( $( passwordWarningContainer ).length ) { 860 $( passwordWarningContainer ).remove(); 861 } 862 863 if ( ! $( currentForm ).find( '#password-strength-score' ).length ) { 864 $( currentForm ).prepend( 865 $('<input></input>').prop( { 866 id: 'password-strength-score', 867 type: 'hidden', 868 'name': '_password_strength_score' 869 } ) 870 ); 871 } 872 873 $( '#password-strength-score' ).val( strength ); 874 875 if ( requiredStrength > strength ) { 876 $( '.pw-weak' ).remove(); 877 } 878 } 826 879 } 827 880 };
Note: See TracChangeset
for help on using the changeset viewer.