* Is the input a valid password for this user?
*
* @param $password String Desired password
- * @return mixed: true on success, string of error message on failure
+ * @return bool True or false
*/
function isValidPassword( $password ) {
global $wgMinimalPasswordLength, $wgContLang;
if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) )
return $result;
+ if( $result === false )
+ return false;
+
+ // Password needs to be long enough, and can't be the same as the username
+ return strlen( $password ) >= $wgMinimalPasswordLength
+ && $wgContLang->lc( $password ) !== $wgContLang->lc( $this->mName );
+ }
- // Password needs to be long enough
- if( strlen( $password ) < $wgMinimalPasswordLength ) {
- return 'passwordtooshort';
- } elseif( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
- return 'password-name-match';
- } else {
+ /**
+ * Given unvalidated password input, return error message on failure.
+ *
+ * @param $password String Desired password
+ * @return mixed: true on success, string of error message on failure
+ */
+ static function getPasswordValidity( $password ) {
+ global $wgMinimalPasswordLength, $wgContLang;
+
+ if(!$this->isValidPassword( $password )) {
+ if( strlen( $password ) < $wgMinimalPasswordLength ) {
+ return 'passwordtooshort';
+ } elseif( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
+ return 'password-name-match';
+ }
+ }
+ else {
return true;
}
}
if( !$wgAuth->allowPasswordChange() ) {
throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
}
-
- $valid = $this->isValidPassword( $str );
- if( $valid !== true ) {
- global $wgMinimalPasswordLength;
+
+ if( !$this->isValidPassword( $str ) ) {
+ global $wgMinimalPasswordLength;
+ $valid = $this->getPasswordValidity( $str );
throw new PasswordError( wfMsgExt( $valid, array( 'parsemag' ),
$wgMinimalPasswordLength ) );
- }
+ }
}
if( !$wgAuth->setPassword( $this, $str ) ) {
// to. Certain authentication plugins do NOT want to save
// domain passwords in a mysql database, so we should
// check this (incase $wgAuth->strict() is false).
- if( $this->isValidPassword( $password ) !== true ) {
+ if( !$this->isValidPassword( $password ) ) {
return false;
}