X-Git-Url: https://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/comptes/journal.php?a=blobdiff_plain;f=includes%2Fpassword%2FPasswordPolicyChecks.php;h=cec82c7fbc6c691556ffc8df889e48e263e7cc7e;hb=a5ea73070652d807afb780a5bd9c6614b5e5a872;hp=d7aee5bd5c8c8f36f7831598de89449e79bcef86;hpb=720c86a77be582876cd934223ce8f9c55fc3bd68;p=lhc%2Fweb%2Fwiklou.git
diff --git a/includes/password/PasswordPolicyChecks.php b/includes/password/PasswordPolicyChecks.php
index d7aee5bd5c..cec82c7fbc 100644
--- a/includes/password/PasswordPolicyChecks.php
+++ b/includes/password/PasswordPolicyChecks.php
@@ -20,7 +20,7 @@
 * @file
 */
-use \Cdb\Reader as CdbReader;
+use Cdb\Reader as CdbReader;
 /**
 * Functions to check passwords against a policy requirement
@@ -44,7 +44,9 @@ class PasswordPolicyChecks {
 }
 /**
- * Check password is longer than minimum, fatal
+ * Check password is longer than minimum, fatal.
+ * Intended for locking out users with passwords too short to trust, requiring them
+ * to recover their account by some other means.
 * @param int $policyVal minimal length
 * @param User $user
 * @param string $password
@@ -105,11 +107,15 @@ class PasswordPolicyChecks {
 $status = Status::newGood();
 $username = $user->getName();
- if ( $policyVal
- && isset( $blockedLogins[$username] )
- && $password == $blockedLogins[$username]
- ) {
- $status->error( 'password-login-forbidden' );
+ if ( $policyVal ) {
+ if ( isset( $blockedLogins[$username] ) && $password == $blockedLogins[$username] ) {
+ $status->error( 'password-login-forbidden' );
+ }
+
+ // Example from ApiChangeAuthenticationRequest
+ if ( $password === 'ExamplePassword' ) {
+ $status->error( 'password-login-forbidden' );
+ }
 }
 return $status;
 }
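Review bot: In the last hunk (`@@ -105,11 +107,15 @@`) the re-indented default-password check still compares with `==`, while the check added right below it uses `===`; both operands are strings, and PHP compares two numeric-looking strings by value under `==`, so the two checks in one block follow different rules. I would make it `if ( isset( $blockedLogins[$username] ) && $password === $blockedLogins[$username] ) {`. The literal `'ExamplePassword'` is also refused for every account with only a terse pointer as explanation; a comment such as `// Sample value shown in ApiChangeAuthenticationRequest; treat it as publicly known for every account` would tell a maintainer why it is there (my reading of the existing comment, worth confirming). The function starts outside the hunk, so where `$blockedLogins` is built is not visible here.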