From 91428bc1328abb26d1b734f01f3a7b261bf3b7e2 Mon Sep 17 00:00:00 2001
From: mattpiwik <matthieu.aubry@gmail.com>
Date: Tue, 29 Mar 2011 02:16:08 +0000
Subject: [PATCH] Fixes #2236 New config setting: ; Piwik will check that
 usernames and password have a minimum length, and will check that characters
 are "allowed" ; This can be disabled, if for example you wish to import an
 existing User database in Piwik and your rules are less restrictive
 disable_checks_usernames_attributes = 0

git-svn-id: http://dev.piwik.org/svn/trunk@4225 59fd770c-687e-43c8-a1e3-f5a4ff64c105
---
 config/global.ini.php        |  4 ++++
 core/Piwik.php               | 16 +++++++++++++++-
 lang/en.php                  |  2 +-
 plugins/UsersManager/API.php | 16 ++++++++++++----
 4 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/config/global.ini.php b/config/global.ini.php
index 719fee67db..db90eea149 100644
--- a/config/global.ini.php
+++ b/config/global.ini.php
@@ -137,6 +137,10 @@ minimum_pgsql_version = 8.3
 ; Minimum adviced memory limit in php.ini file (see memory_limit value)
 minimum_memory_limit = 128
 
+; Piwik will check that usernames and password have a minimum length, and will check that characters are "allowed"
+; This can be disabled, if for example you wish to import an existing User database in Piwik and your rules are less restrictive
+disable_checks_usernames_attributes = 0
+
 ; by default, Piwik uses relative URLs, so you can login using http:// or https://
 ; (the latter assumes you have a valid SSL certificate).
 ; If set to 1, Piwik redirects the login form to use a secure connection (i.e., https).
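Review bot: The comment on `disable_checks_usernames_attributes` does not say what is still enforced when the setting is 1, or that it applies beyond the import it is meant for. From the code in this commit, the flag makes `checkValidLoginString` and `isValidPasswordString` accept any non-empty value, so the password minimum length is gone for every later account change as well. I would add a line such as `; When set to 1, any non-empty login and password is accepted for all users; set it back to 0 once the import is finished`. The comment also reads "usernames and password", where "passwords" is meant.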
diff --git a/core/Piwik.php b/core/Piwik.php
index 1a1fa9bcb2..1f8669ce46 100644
--- a/core/Piwik.php
+++ b/core/Piwik.php
@@ -1849,6 +1849,11 @@ class Piwik
 	 */
 	static public function checkValidLoginString( $userLogin )
 	{
+		if(!self::isChecksEnabled()
+			&& !empty($userLogin))
+		{
+			return;
+		}
 		$loginMinimumLength = 3;
 		$loginMaximumLength = 100;
 		$l = strlen($userLogin);
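Review bot: The early return in `checkValidLoginString` skips the 100-character upper bound together with the character allow-list, so with checks disabled a login of any length and any byte content is accepted. Whether the storage column and the places that display the login tolerate that is not visible in this hunk, so I would keep the length cap in both modes. That means moving the guard below the `$loginMaximumLength` assignment and writing it as `if(!self::isChecksEnabled() && !empty($userLogin) && strlen($userLogin) <= $loginMaximumLength)`. The function body continues past the end of this hunk.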
@@ -1860,7 +1865,16 @@ class Piwik
 			throw new Exception(Piwik_TranslateException('UsersManager_ExceptionInvalidLoginFormat', array($loginMinimumLength, $loginMaximumLength)));
 		}
 	}
-
+	
+	/**
+	 * Should Piwik check that the login & password have minimum length and valid characters?
+	 * 
+	 * @return bool
+	 */
+	static public function isChecksEnabled()
+	{
+		return Zend_Registry::get('config')->General->disable_checks_usernames_attributes == 0;
+	}
 /*
  * Date / Timezone
  */
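Review bot: `isChecksEnabled()` uses a loose `== 0`, so any value that does not compare equal to zero switches the credential checks off, not only the documented `1`. For a setting that weakens validation, it is safer to disable only on the exact documented value, e.g. `return (int) Zend_Registry::get('config')->General->disable_checks_usernames_attributes !== 1;`. A missing key or an unexpected value then keeps the checks on. The method name is also very general for a public static on `Piwik`; something like `isUserCredentialsCheckEnabled` would show that it only gates login and password rules.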
diff --git a/lang/en.php b/lang/en.php
index d58129b7ce..1b8cf4acff 100644
--- a/lang/en.php
+++ b/lang/en.php
@@ -1166,7 +1166,7 @@ Note: this token will expire in 24 hrs.",
 	'UsersManager_ExceptionLoginExists' => 'Login \'%s\' already exists.',
 	'UsersManager_ExceptionEmailExists' => 'User with email \'%s\' already exists.',
 	'UsersManager_ExceptionInvalidLoginFormat' => "The login must be between %1\$s and %2\$s characters long and contain only letters, numbers, or the characters '_' or '-' or '.' or '@' or '+'",
-	'UsersManager_ExceptionInvalidPassword' => 'The password length must be between 6 and 26 characters.',
+	'UsersManager_ExceptionInvalidPassword' => 'The password length must be between %1$s and %2$s characters.',
 	'UsersManager_ExceptionInvalidEmail' => 'The email doesn\'t have a valid format.',
 	'UsersManager_ExceptionDeleteDoesNotExist' => 'User \'%s\' doesn\'t exist therefore it can\'t be deleted.',
 	'UsersManager_ExceptionAdminAnonymous' => 'You cannot grant \'admin\' access to the \'anonymous\' user.',
diff --git a/plugins/UsersManager/API.php b/plugins/UsersManager/API.php
index a9f3455ab2..2c9c7d358a 100644
--- a/plugins/UsersManager/API.php
+++ b/plugins/UsersManager/API.php
@@ -292,14 +292,16 @@ class Piwik_UsersManager_API
 		
 		Piwik::checkValidLoginString($userLogin);
 	}
-		
+	
 	private function checkPassword($password)
 	{
 		if(!$this->isValidPasswordString($password))
 		{
-			throw new Exception(Piwik_TranslateException('UsersManager_ExceptionInvalidPassword'));
+			throw new Exception(Piwik_TranslateException('UsersManager_ExceptionInvalidPassword'), self::PASSWORD_MIN_LENGTH, self::PASSWORD_MAX_LENGTH);
 		}
 	}
+	const PASSWORD_MIN_LENGTH = 6;
+	const PASSWORD_MAX_LENGTH = 26;
 	
 	private function checkEmail($email)
 	{
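Review bot: In `checkPassword` the closing parenthesis is misplaced, so `self::PASSWORD_MIN_LENGTH` and `self::PASSWORD_MAX_LENGTH` go to the `Exception` constructor as its code and previous-exception arguments instead of to `Piwik_TranslateException`. The `%1$s`/`%2$s` placeholders introduced in lang/en.php would then stay unfilled, and an integer in the previous-exception position is likely to raise an error of its own rather than the intended message. Following the call shape used in `checkValidLoginString`, the line should read `throw new Exception(Piwik_TranslateException('UsersManager_ExceptionInvalidPassword', array(self::PASSWORD_MIN_LENGTH, self::PASSWORD_MAX_LENGTH)));`.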
@@ -587,6 +589,7 @@ class Piwik_UsersManager_API
 			throw new Exception(Piwik_TranslateException("UsersManager_ExceptionEditAnonymous"));
 		}
 	}
+	
 	private function checkUserIsNotSuperUser( $userLogin )
 	{
 		if($userLogin == Zend_Registry::get('config')->superuser->login)
@@ -677,8 +680,13 @@ class Piwik_UsersManager_API
 	 * @return bool
 	 */
 	private function isValidPasswordString( $input )
-	{		
+	{
+		if(!Piwik::isChecksEnabled()
+			&& !empty($input))
+		{
+			return true;
+		}
 		$l = strlen($input);
-		return $l >= 6 && $l <= 26;
+		return $l >= self::PASSWORD_MIN_LENGTH && $l <= self::PASSWORD_MAX_LENGTH;
 	}
 }
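Review bot: The `!empty($input)` guard in `isValidPasswordString` treats the string `"0"` as empty, so with checks disabled the password `0` falls through to the length test and is rejected while `1` is accepted. `checkValidLoginString` has the same guard. Comparing against the empty string expresses the intent directly: `if(!Piwik::isChecksEnabled() && $input !== '')`. The docblock should also state that with checks disabled a one-character password is valid and no upper bound applies, since that follows for every caller of this method and not only for imported accounts.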
-- 
GitLab