From 20627c718a792d064b796c4fd61158db134367d8 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Fri, 26 Oct 2018 16:14:37 -0400 Subject: [PATCH] HOR-4526 --- .../engine/classes/model/UsersProperties.php | 146 ++++++--- .../translations/english/processmaker.en.po | 14 +- workflow/engine/data/mysql/insert.sql | 5 +- .../engine/methods/login/authentication.php | 55 ++-- workflow/engine/methods/users/myInfo_Save.php | 170 ---------- workflow/engine/methods/users/usersAjax.php | 44 +-- workflow/engine/methods/users/users_Save.php | 297 ------------------ .../src/ProcessMaker/BusinessModel/User.php | 42 +-- 8 files changed, 166 insertions(+), 607 deletions(-) delete mode 100644 workflow/engine/methods/users/myInfo_Save.php delete mode 100644 workflow/engine/methods/users/users_Save.php diff --git a/workflow/engine/classes/model/UsersProperties.php b/workflow/engine/classes/model/UsersProperties.php index ccf321c0e..073e52d7a 100644 --- a/workflow/engine/classes/model/UsersProperties.php +++ b/workflow/engine/classes/model/UsersProperties.php @@ -125,70 +125,144 @@ class UsersProperties extends BaseUsersProperties return $aUserProperty; } - public function validatePassword($sPassword, $sLastUpdate, $iChangePasswordNextTime, $nowLogin = false) + /** + * This function will be validate the password policies + * + * @param string $password + * @param string $lastUpdate + * @param integer $changePassword + * @param boolean $nowLogin + * + * @return array + */ + public function validatePassword($password, $lastUpdate, $changePassword, $nowLogin = false) { - if (! defined('PPP_MINIMUM_LENGTH')) { + if (!defined('PPP_MINIMUM_LENGTH')) { define('PPP_MINIMUM_LENGTH', 5); } - if (! defined('PPP_MAXIMUM_LENGTH')) { + if (!defined('PPP_MAXIMUM_LENGTH')) { define('PPP_MAXIMUM_LENGTH', 20); } - if (! defined('PPP_NUMERICAL_CHARACTER_REQUIRED')) { + if (!defined('PPP_NUMERICAL_CHARACTER_REQUIRED')) { define('PPP_NUMERICAL_CHARACTER_REQUIRED', 0); } - if (! defined('PPP_UPPERCASE_CHARACTER_REQUIRED')) { + if (!defined('PPP_UPPERCASE_CHARACTER_REQUIRED')) { define('PPP_UPPERCASE_CHARACTER_REQUIRED', 0); } - if (! defined('PPP_SPECIAL_CHARACTER_REQUIRED')) { + if (!defined('PPP_SPECIAL_CHARACTER_REQUIRED')) { define('PPP_SPECIAL_CHARACTER_REQUIRED', 0); } - if (! defined('PPP_EXPIRATION_IN')) { + if (!defined('PPP_EXPIRATION_IN')) { define('PPP_EXPIRATION_IN', 0); } - if (function_exists('mb_strlen')) { - $iLength = mb_strlen($sPassword); - } else { - $iLength = strlen($sPassword); + $lengthPassword = function_exists('mb_strlen') ? mb_strlen($password): strlen($password); + + $listErrors = []; + //The password has the minimum length + if ($lengthPassword < PPP_MINIMUM_LENGTH || $nowLogin) { + $listErrors[] = 'ID_PPP_MINIMUM_LENGTH'; } - $aErrors = array(); - if ($iLength < PPP_MINIMUM_LENGTH || $nowLogin) { - $aErrors[] = 'ID_PPP_MINIMUM_LENGTH'; - } - if ($iLength > PPP_MAXIMUM_LENGTH || $nowLogin) { - $aErrors[] = 'ID_PPP_MAXIMUM_LENGTH'; + //The password has the maximum length + if ($lengthPassword > PPP_MAXIMUM_LENGTH || $nowLogin) { + $listErrors[] = 'ID_PPP_MAXIMUM_LENGTH'; } + //The password requires a number if (PPP_NUMERICAL_CHARACTER_REQUIRED == 1) { - if (preg_match_all('/[0-9]/', $sPassword, $aMatch, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) { - $aErrors[] = 'ID_PPP_NUMERICAL_CHARACTER_REQUIRED'; + if (preg_match_all('/[0-9]/', $password, $aMatch, + PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) { + $listErrors[] = 'ID_PPP_NUMERICAL_CHARACTER_REQUIRED'; } } + //The password requires a upper case if (PPP_UPPERCASE_CHARACTER_REQUIRED == 1) { - if (preg_match_all('/[A-Z]/', $sPassword, $aMatch, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) { - $aErrors[] = 'ID_PPP_UPPERCASE_CHARACTER_REQUIRED'; + if (preg_match_all('/[A-Z]/', $password, $aMatch, + PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) { + $listErrors[] = 'ID_PPP_UPPERCASE_CHARACTER_REQUIRED'; } } + //The password requires a special character if (PPP_SPECIAL_CHARACTER_REQUIRED == 1) { - if (preg_match_all('/[��\\!|"@�#$~%�&�\/()=\'?��*+\-_.:,;]/', $sPassword, $aMatch, PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) { - $aErrors[] = 'ID_PPP_SPECIAL_CHARACTER_REQUIRED'; + if (preg_match_all('/[��\\!|"@�#$~%�&�\/()=\'?��*+\-_.:,;]/', $password, $aMatch, + PREG_PATTERN_ORDER | PREG_OFFSET_CAPTURE) == 0 || $nowLogin) { + $listErrors[] = 'ID_PPP_SPECIAL_CHARACTER_REQUIRED'; } } + //The configuration PPP_EXPIRATION_IN is saved in hours if (PPP_EXPIRATION_IN > 0) { - $oCalendar = new Calendar(); - - if ($oCalendar->pmCalendarUid == '') { - $oCalendar->pmCalendarUid = '00000000000000000000000000000001'; - $oCalendar->getCalendarData(); - } - - $fDays = $oCalendar->calculateDuration(date('Y-m-d H:i:s'), $sLastUpdate); - if ($fDays > (PPP_EXPIRATION_IN * 24) || $nowLogin) { - $aErrors[] = 'ID_PPP_EXPIRATION_IN'; + $hoursBetweenDates = (strtotime(date('Y-m-d H:i:s')) - strtotime($lastUpdate)) / (60 * 60); + if ($hoursBetweenDates > PPP_EXPIRATION_IN || $nowLogin) { + $listErrors[] = 'ID_PPP_EXPIRATION_IN'; + $changePassword = 1; } } - if ($iChangePasswordNextTime == 1) { - $aErrors[] = 'ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN'; + + if ($changePassword == 1) { + $listErrors[] = 'ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN'; } - return $aErrors; + + return $listErrors; + } + + /** + * This function will be get the message for show what policies does not complied + * + * @param array $errorsInPassword + * @param boolean $afterFillingPass + * @param boolean $onlyText + * + * @return array + */ + public function getMessageValidatePassword($errorsInPassword, $afterFillingPass = true, $onlyText = false){ + $messPassword = []; + $policyErrors = false; + if ($afterFillingPass) { + $policyMessage = G::LoadTranslation('ID_POLICY_ALERT'); + } else { + $policyMessage = G::LoadTranslation('ID_POLICY_ALERT_INFO'); + } + $policyMessage .= ($onlyText) ? ' ' : '

'; + + foreach ($errorsInPassword as $error) { + switch ($error) { + case 'ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN': + //Does not consider a policy for the final user, the administrator request to change password + $messPassword[substr($error, 3)] = PPP_MINIMUM_LENGTH; + break; + case 'ID_PPP_MINIMUM_LENGTH': + $policyErrors = true; + $policyMessage .= '- ' . G::LoadTranslation($error) . ': ' . PPP_MINIMUM_LENGTH; + $policyMessage .= ($onlyText) ? '. ' : '
'; + $messPassword[substr($error, 3)] = PPP_MINIMUM_LENGTH; + $messPassword['PPP_MINIMUN_LENGTH'] = PPP_MINIMUM_LENGTH; + break; + case 'ID_PPP_MAXIMUM_LENGTH': + $policyErrors = true; + $policyMessage .= '- ' . G::LoadTranslation($error) . ': ' . PPP_MAXIMUM_LENGTH; + $policyMessage .= ($onlyText) ? '. ' : '
'; + $messPassword[substr($error, 3)] = PPP_MAXIMUM_LENGTH; + $messPassword['PPP_MAXIMUN_LENGTH'] = PPP_MAXIMUM_LENGTH; + break; + case 'ID_PPP_EXPIRATION_IN': + //Does not consider a policy for the final user, this is enhanced login configuration + $messPassword[substr($error, 3)] = PPP_EXPIRATION_IN; + break; + default: + //PPP_NUMERICAL_CHARACTER_REQUIRED + //PPP_UPPERCASE_CHARACTER_REQUIRED + //PPP_SPECIAL_CHARACTER_REQUIRED + $policyErrors = true; + $policyMessage .= '- ' . G::LoadTranslation($error); + $policyMessage .= ($onlyText) ? '. ' : '
'; + $messPassword[substr($error, 3)] = 1; + break; + } + } + if ($afterFillingPass){ + $policyMessage .= G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY'); + } + $messPassword['DESCRIPTION'] = ($policyErrors) ? $policyMessage : ''; + + return $messPassword; } /** diff --git a/workflow/engine/content/translations/english/processmaker.en.po b/workflow/engine/content/translations/english/processmaker.en.po index 0114a1a82..dd02ad0eb 100644 --- a/workflow/engine/content/translations/english/processmaker.en.po +++ b/workflow/engine/content/translations/english/processmaker.en.po @@ -20924,8 +20924,14 @@ msgstr "PM Table" # TRANSLATION # LABEL/ID_POLICY_ALERT #: LABEL/ID_POLICY_ALERT -msgid "Your password does not meet the following password policies" -msgstr "Your password does not meet the following password policies" +msgid "Your password does not meet the following password policies:" +msgstr "Your password does not meet the following password policies:" + +# TRANSLATION +# LABEL/ID_POLICY_ALERT_INFO +#: LABEL/ID_POLICY_ALERT_INFO +msgid "Your password must meet the following policies:" +msgstr "Your password must meet the following policies:" # TRANSLATION # LABEL/ID_PORT @@ -20960,8 +20966,8 @@ msgstr "The posted data is empty!" # TRANSLATION # LABEL/ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN #: LABEL/ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN -msgid "User must change his/her password after next login" -msgstr "User must change his/her password after next login" +msgid "Your previous password has expired, please enter a new password" +msgstr "Your previous password has expired, please enter a new password" # TRANSLATION # LABEL/ID_PPP_EXPIRATION_IN diff --git a/workflow/engine/data/mysql/insert.sql b/workflow/engine/data/mysql/insert.sql index b531f3398..bbbb1f3ca 100644 --- a/workflow/engine/data/mysql/insert.sql +++ b/workflow/engine/data/mysql/insert.sql @@ -60364,13 +60364,14 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE ( 'LABEL','ID_PM_GRID','en','pmGrid','2014-01-15') , ( 'LABEL','ID_PM_HEARTBEAT_SETTINGS_TITLE','en','Heart Beat Configuration','2014-01-15') , ( 'LABEL','ID_PM_TABLE','en','PM Table','2014-01-15') , -( 'LABEL','ID_POLICY_ALERT','en','Your password does not meet the following password policies','2014-01-15') , +( 'LABEL','ID_POLICY_ALERT','en','Your password does not meet the following password policies:','2018-10-29') , +( 'LABEL','ID_POLICY_ALERT_INFO','en','Your password must meet the following policies:','2018-10-29') , ( 'LABEL','ID_PORT','en','Port','2014-01-15') , ( 'LABEL','ID_PORT_UNREACHABLE','en','Destination Port Unreachable','2015-09-18') , ( 'LABEL','ID_POSITION','en','Position','2014-01-15') , ( 'LABEL','ID_POSTED_AT','en','Posted at','2014-01-15') , ( 'LABEL','ID_POSTED_DATA_EMPTY','en','The posted data is empty!','2015-01-16') , -( 'LABEL','ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN','en','User must change his/her password after next login','2014-10-21') , +( 'LABEL','ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN','en','Your previous password has expired, please enter a new password','2018-10-26') , ( 'LABEL','ID_PPP_EXPIRATION_IN','en','Password Expiration in','2014-01-15') , ( 'LABEL','ID_PPP_MAXIMUM_LENGTH','en','Maximum length','2014-01-15') , ( 'LABEL','ID_PPP_MAXIMUN_LENGTH','en','Maximum length','2014-01-15') , diff --git a/workflow/engine/methods/login/authentication.php b/workflow/engine/methods/login/authentication.php index 6ab0d36f8..262b9d65c 100644 --- a/workflow/engine/methods/login/authentication.php +++ b/workflow/engine/methods/login/authentication.php @@ -290,7 +290,7 @@ try { /* Check password using policy - Start */ require_once 'classes/model/UsersProperties.php'; - $oUserProperty = new UsersProperties(); + $userProperty = new UsersProperties(); // getting default user location if (isset($_REQUEST['form']['URL']) && $_REQUEST['form']['URL'] != '') { @@ -307,7 +307,7 @@ try { if (isset($_REQUEST['u']) && $_REQUEST['u'] != '') { $sLocation = G::sanitizeInput($_REQUEST['u']); } else { - $sLocation = $oUserProperty->redirectTo($_SESSION['USER_LOGGED'], $lang); + $sLocation = $userProperty->redirectTo($_SESSION['USER_LOGGED'], $lang); } } @@ -316,50 +316,39 @@ try { die(); } - $aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(G::encryptOld($pwd))))); - $aErrors = $oUserProperty->validatePassword($_POST['form']['USR_PASSWORD'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'], true); + $userPropertyInfo = $userProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(G::encryptOld($pwd))))); + $errorInPassword = $userProperty->validatePassword( + $_POST['form']['USR_PASSWORD'], + $userPropertyInfo['USR_LAST_UPDATE_DATE'], + $userPropertyInfo['USR_LOGGED_NEXT_TIME'] + ); + //Enable change password from GAP if (!isset($enableChangePasswordAfterNextLogin)) { $enableChangePasswordAfterNextLogin = true; } - if ($enableChangePasswordAfterNextLogin && !empty($aErrors) && in_array("ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN", $aErrors)) { + if ($enableChangePasswordAfterNextLogin && !empty($errorInPassword)) { if (!defined('NO_DISPLAY_USERNAME')) { define('NO_DISPLAY_USERNAME', 1); } - $aFields = array(); - $aFields['DESCRIPTION'] = ''; - $aFields['DESCRIPTION'] .= G::LoadTranslation('ID_POLICY_ALERT').':

'; - foreach ($aErrors as $sError) { - switch ($sError) { - case 'ID_PPP_MINIMUM_LENGTH': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError).': ' . PPP_MINIMUM_LENGTH . '
'; - $aFields[substr($sError, 3)] = PPP_MINIMUM_LENGTH; - $aFields['PPP_MINIMUN_LENGTH'] = PPP_MINIMUM_LENGTH; - break; - case 'ID_PPP_MAXIMUM_LENGTH': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError).': ' . PPP_MAXIMUM_LENGTH . '
'; - $aFields[substr($sError, 3)] = PPP_MAXIMUM_LENGTH; - $aFields['PPP_MAXIMUN_LENGTH'] = PPP_MAXIMUM_LENGTH; - break; - case 'ID_PPP_EXPIRATION_IN': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError).' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . '
'; - $aFields[substr($sError, 3)] = PPP_EXPIRATION_IN; - break; - default: - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError).'
'; - $aFields[substr($sError, 3)] = 1; - break; - } + //We will to get the message for the login + $messPassword = []; + $policySection = $userProperty->getMessageValidatePassword($errorInPassword, false); + $changePassword = ''; + if (array_search('ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN', $errorInPassword)) { + $changePassword .= G::LoadTranslation('ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN') . '

'; } - $aFields['DESCRIPTION'] .= '
' . G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY') . '

'; + $messPassword['DESCRIPTION'] = $changePassword . $policySection['DESCRIPTION'] . ''; + $G_PUBLISH = new Publisher; $version = explode('.', trim(file_get_contents(PATH_GULLIVER . 'VERSION'))); $version = isset($version[0]) ? intval($version[0]) : 0; if ($version >= 3) { - $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/changePasswordpm3', '', $aFields, 'changePassword'); - }else{ - $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/changePassword', '', $aFields, 'changePassword'); + $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/changePasswordpm3', '', $messPassword, + 'changePassword'); + } else { + $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/changePassword', '', $messPassword, 'changePassword'); } G::RenderPage('publish'); die; diff --git a/workflow/engine/methods/users/myInfo_Save.php b/workflow/engine/methods/users/myInfo_Save.php deleted file mode 100644 index 68d9a4b08..000000000 --- a/workflow/engine/methods/users/myInfo_Save.php +++ /dev/null @@ -1,170 +0,0 @@ -. - * - * For more information, contact Colosa Inc, 2566 Le Jeune Rd., - * Coral Gables, FL, 33134, USA, or email info@colosa.com. - */ -try { - ini_set( 'display_errors', '1' ); - global $RBAC; - switch ($RBAC->userCanAccess( 'PM_LOGIN' )) { - case - 2: - G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels' ); - G::header( 'location: ../login/login' ); - die(); - break; - case - 1: - G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' ); - G::header( 'location: ../login/login' ); - die(); - break; - } - if (isset( $_FILES['form']['name']['USR_RESUME'] )) { - $_POST['form']['USR_RESUME'] = $_FILES['form']['name']['USR_RESUME']; - } - if ($_POST['form']['USR_EMAIL'] != '') { - // The ereg function has been DEPRECATED as of PHP 5.3.0. - // if (!ereg("^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*$", $_POST['form']['USR_EMAIL'])) { - if (! preg_match( "/^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*$/", $_POST['form']['USR_EMAIL'] )) { - G::SendTemporalMessage( 'ID_INCORRECT_EMAIL', 'error' ); - } - } - if (! isset( $_POST['form']['USR_NEW_PASS'] )) { - $_POST['form']['USR_NEW_PASS'] = ''; - } - if ($_POST['form']['USR_NEW_PASS'] != '') { - $_POST['form']['USR_PASSWORD'] = Bootstrap::hashPassword( $_POST['form']['USR_NEW_PASS'] ); - } - if (! isset( $_POST['form']['USR_CITY'] )) { - $_POST['form']['USR_CITY'] = ''; - } - if (! isset( $_POST['form']['USR_LOCATION'] )) { - $_POST['form']['USR_LOCATION'] = ''; - } - if (! isset( $_POST['form']['USR_ROLE'] )) { - $_POST['form']['USR_ROLE'] = ''; - } - $aData['USR_UID'] = $_POST['form']['USR_UID']; - $aData['USR_USERNAME'] = $_POST['form']['USR_USERNAME']; - if (isset( $_POST['form']['USR_PASSWORD'] )) { - if ($_POST['form']['USR_PASSWORD'] != '') { - $aData['USR_PASSWORD'] = $_POST['form']['USR_PASSWORD']; - require_once 'classes/model/UsersProperties.php'; - $oUserProperty = new UsersProperties(); - $aUserProperty = $oUserProperty->loadOrCreateIfNotExists( $_POST['form']['USR_UID'], array ('USR_PASSWORD_HISTORY' => serialize( array (G::encryptOld( $_POST['form']['USR_NEW_PASS'] ) - ) ) - ) ); - $aErrors = $oUserProperty->validatePassword( $_POST['form']['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'] ); - if (count( $aErrors ) > 0) { - $sDescription = G::LoadTranslation( 'ID_POLICY_ALERT' ) . ':

'; - foreach ($aErrors as $sError) { - switch ($sError) { - case 'ID_PPP_MINIMUN_LENGTH': - $sDescription .= ' - ' . G::LoadTranslation( $sError ) . ': ' . PPP_MINIMUN_LENGTH . '
'; - break; - case 'ID_PPP_MAXIMUN_LENGTH': - $sDescription .= ' - ' . G::LoadTranslation( $sError ) . ': ' . PPP_MAXIMUN_LENGTH . '
'; - break; - case 'ID_PPP_EXPIRATION_IN': - $sDescription .= ' - ' . G::LoadTranslation( $sError ) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation( 'ID_DAYS' ) . '
'; - break; - default: - $sDescription .= ' - ' . G::LoadTranslation( $sError ) . '
'; - break; - } - } - $sDescription .= '
' . G::LoadTranslation( 'ID_PLEASE_CHANGE_PASSWORD_POLICY' ); - G::SendMessageText( $sDescription, 'warning' ); - G::header( 'Location: ' . $_SERVER['HTTP_REFERER'] ); - die(); - } - $aHistory = unserialize( $aUserProperty['USR_PASSWORD_HISTORY'] ); - if (! is_array( $aHistory )) { - $aHistory = array (); - } - if (! defined( 'PPP_PASSWORD_HISTORY' )) { - define( 'PPP_PASSWORD_HISTORY', 0 ); - } - if (PPP_PASSWORD_HISTORY > 0) { - if (count( $aHistory ) >= PPP_PASSWORD_HISTORY) { - array_shift( $aHistory ); - } - $aHistory[] = $_POST['form']['USR_NEW_PASS']; - } - $aUserProperty['USR_LAST_UPDATE_DATE'] = date( 'Y-m-d H:i:s' ); - $aUserProperty['USR_LOGGED_NEXT_TIME'] = 1; - $aUserProperty['USR_PASSWORD_HISTORY'] = serialize( $aHistory ); - $oUserProperty->update( $aUserProperty ); - } - } - $aData['USR_FIRSTNAME'] = $_POST['form']['USR_FIRSTNAME']; - $aData['USR_LASTNAME'] = $_POST['form']['USR_LASTNAME']; - $aData['USR_EMAIL'] = $_POST['form']['USR_EMAIL']; - $aData['USR_DUE_DATE'] = $_POST['form']['USR_DUE_DATE']; - $aData['USR_UPDATE_DATE'] = date( 'Y-m-d H:i:s' ); - $RBAC->updateUser( $aData ); - $aData['USR_PASSWORD'] = G::encryptOld( $_POST['form']['USR_USERNAME'] ); //fake :p - $aData['USR_COUNTRY'] = $_POST['form']['USR_COUNTRY']; - $aData['USR_CITY'] = $_POST['form']['USR_CITY']; - $aData['USR_LOCATION'] = $_POST['form']['USR_LOCATION']; - $aData['USR_ADDRESS'] = $_POST['form']['USR_ADDRESS']; - $aData['USR_PHONE'] = $_POST['form']['USR_PHONE']; - $aData['USR_ZIP_CODE'] = $_POST['form']['USR_ZIP_CODE']; - $aData['USR_POSITION'] = $_POST['form']['USR_POSITION']; - if ($_POST['form']['USR_RESUME'] != '') { - $aData['USR_RESUME'] = $_POST['form']['USR_RESUME']; - } - require_once 'classes/model/Users.php'; - $oUser = new Users(); - $oUser->update( $aData ); - if ($_FILES['form']['tmp_name']['USR_PHOTO'] != '') { - $aAux = explode( '.', $_FILES['form']['name']['USR_PHOTO'] ); - G::uploadFile( $_FILES['form']['tmp_name']['USR_PHOTO'], PATH_IMAGES_ENVIRONMENT_USERS, $aData['USR_UID'] . '.' . $aAux[1] ); - G::resizeImage( PATH_IMAGES_ENVIRONMENT_USERS . $aData['USR_UID'] . '.' . $aAux[1], 96, 96, PATH_IMAGES_ENVIRONMENT_USERS . $aData['USR_UID'] . '.gif' ); - } - if ($_FILES['form']['tmp_name']['USR_RESUME'] != '') { - G::uploadFile( $_FILES['form']['tmp_name']['USR_RESUME'], PATH_IMAGES_ENVIRONMENT_FILES . $aData['USR_UID'] . '/', $_FILES['form']['name']['USR_RESUME'] ); - } - - /* Saving preferences */ - $def_lang = $_POST['form']['PREF_DEFAULT_LANG']; - $def_menu = $_POST['form']['PREF_DEFAULT_MENUSELECTED']; - $def_cases_menu = $_POST['form']['PREF_DEFAULT_CASES_MENUSELECTED']; - - $oConf = new Configurations(); - $aConf = Array ('DEFAULT_LANG' => $def_lang,'DEFAULT_MENU' => $def_menu,'DEFAULT_CASES_MENU' => $def_cases_menu - ); - - /*UPDATING SESSION VARIABLES*/ - $aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] ); - $_SESSION['USR_FULLNAME'] = $aUser['USR_FIRSTNAME'] . ' ' . $aUser['USR_LASTNAME']; - - $oConf->aConfig = $aConf; - $oConf->saveConfig( 'USER_PREFERENCES', '', '', $_SESSION['USER_LOGGED'] ); - - G::SendTemporalMessage( 'ID_CHANGES_SAVED', 'info', 'labels' ); - G::header( 'location: myInfo' ); -} catch (Exception $oException) { - $token = strtotime("now"); - PMException::registerErrorLog($oException, $token); - G::outRes( G::LoadTranslation("ID_EXCEPTION_LOG_INTERFAZ", array($token)) ); - die; -} - diff --git a/workflow/engine/methods/users/usersAjax.php b/workflow/engine/methods/users/usersAjax.php index 76a2413a1..130458084 100644 --- a/workflow/engine/methods/users/usersAjax.php +++ b/workflow/engine/methods/users/usersAjax.php @@ -380,56 +380,32 @@ switch ($_POST['action']) { break; case 'testPassword': require_once 'classes/model/UsersProperties.php'; - $oUserProperty = new UsersProperties(); + $userProperty = new UsersProperties(); - $aFields = array(); + $fields = []; $color = ''; $img = ''; $dateNow = date('Y-m-d H:i:s'); - $aErrors = $oUserProperty->validatePassword($_POST['PASSWORD_TEXT'], $dateNow, $dateNow); + $errorInPassword = $userProperty->validatePassword($_POST['PASSWORD_TEXT'], $dateNow, 0); - if (!empty($aErrors)) { + if (!empty($errorInPassword)) { $img = '/images/delete.png'; $color = 'red'; if (!defined('NO_DISPLAY_USERNAME')) { define('NO_DISPLAY_USERNAME', 1); } - $aFields = array(); - $aFields['DESCRIPTION'] = G::LoadTranslation('ID_POLICY_ALERT') . ':
'; - - foreach ($aErrors as $sError) { - switch ($sError) { - case 'ID_PPP_MINIMUM_LENGTH': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUM_LENGTH . '
'; - $aFields[substr($sError, 3)] = PPP_MINIMUM_LENGTH; - break; - case 'ID_PPP_MAXIMUM_LENGTH': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MAXIMUM_LENGTH . '
'; - $aFields[substr($sError, 3)] = PPP_MAXIMUM_LENGTH; - break; - case 'ID_PPP_EXPIRATION_IN': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . '
'; - $aFields[substr($sError, 3)] = PPP_EXPIRATION_IN; - break; - default: - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . '
'; - $aFields[substr($sError, 3)] = 1; - break; - } - } - - $aFields['DESCRIPTION'] .= G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY') . ''; - $aFields['STATUS'] = false; + $fields = $userProperty->getMessageValidatePassword($errorInPassword); + $fields['STATUS'] = false; } else { $color = 'green'; $img = '/images/dialog-ok-apply.png'; - $aFields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES') . ''; - $aFields['STATUS'] = true; + $fields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES') . ''; + $fields['STATUS'] = true; } $span = ''; $gif = ''; - $aFields['DESCRIPTION'] = $span . $gif . $aFields['DESCRIPTION']; - print(G::json_encode($aFields)); + $fields['DESCRIPTION'] = $span . $gif . $fields['DESCRIPTION']; + print(G::json_encode($fields)); break; case 'testUsername': require_once 'classes/model/Users.php'; diff --git a/workflow/engine/methods/users/users_Save.php b/workflow/engine/methods/users/users_Save.php deleted file mode 100644 index 067c47bd0..000000000 --- a/workflow/engine/methods/users/users_Save.php +++ /dev/null @@ -1,297 +0,0 @@ -. - * - * For more information, contact Colosa Inc, 2566 Le Jeune Rd., - * Coral Gables, FL, 33134, USA, or email info@colosa.com. - */ - -try { - global $RBAC; - switch ($RBAC->userCanAccess( 'PM_FACTORY' )) { - case - 2: - G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels' ); - G::header( 'location: ../login/login' ); - die(); - break; - case - 1: - G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' ); - G::header( 'location: ../login/login' ); - die(); - break; - } - if (empty( $_POST ) || ! isset( $_POST['form'] )) { - if (empty( $_FILES )) - throw (new Exception( G::loadTranslation( 'ID_ERROR_UPLOADING_FILENAME' ) )); - else - throw (new Exception( G::loadTranslation( 'ID_POSTED_DATA_EMPTY' ) )); - } - - $form = $_POST['form']; - - if (isset( $_GET['USR_UID'] )) { - $form['USR_UID'] = $_GET['USR_UID']; - } else { - $form['USR_UID'] = ''; - } - - if (isset( $_FILES['form']['name']['USR_RESUME'] )) { - if ($_FILES['form']['tmp_name']['USR_RESUME'] != '') { - $form['USR_RESUME'] = $_FILES['form']['name']['USR_RESUME']; - } else { - $form['USR_RESUME'] = ''; - } - } - - if (! isset( $form['USR_NEW_PASS'] )) { - $form['USR_NEW_PASS'] = ''; - } - if ($form['USR_NEW_PASS'] != '') { - $form['USR_PASSWORD'] = Bootstrap::hashPassword( $form['USR_NEW_PASS'] ); - } - if (! isset( $form['USR_CITY'] )) { - $form['USR_CITY'] = ''; - } - if (! isset( $form['USR_LOCATION'] )) { - $form['USR_LOCATION'] = ''; - } - if (! isset( $form['USR_AUTH_USER_DN'] )) { - $form['USR_AUTH_USER_DN'] = ''; - } - if ($form['USR_UID'] == '') { - $aData['USR_USERNAME'] = $form['USR_USERNAME']; - $aData['USR_PASSWORD'] = $form['USR_PASSWORD']; - $aData['USR_FIRSTNAME'] = $form['USR_FIRSTNAME']; - $aData['USR_LASTNAME'] = $form['USR_LASTNAME']; - $aData['USR_EMAIL'] = $form['USR_EMAIL']; - $aData['USR_DUE_DATE'] = $form['USR_DUE_DATE']; - $aData['USR_CREATE_DATE'] = date( 'Y-m-d H:i:s' ); - $aData['USR_UPDATE_DATE'] = date( 'Y-m-d H:i:s' ); - $aData['USR_BIRTHDAY'] = date( 'Y-m-d' ); - $aData['USR_AUTH_USER_DN'] = $form['USR_AUTH_USER_DN']; - //fixing bug in inactive user when the admin create a new user. - $statusWF = $form['USR_STATUS']; - $aData['USR_STATUS'] = $form['USR_STATUS'] == 'ACTIVE' ? 1 : 0; - $sUserUID = $RBAC->createUser( $aData, $form['USR_ROLE'] ); - $aData['USR_STATUS'] = $statusWF; - $aData['USR_UID'] = $sUserUID; - $aData['USR_PASSWORD'] = G::encryptOld( $sUserUID ); //fake :p - $aData['USR_COUNTRY'] = $form['USR_COUNTRY']; - $aData['USR_CITY'] = $form['USR_CITY']; - $aData['USR_LOCATION'] = $form['USR_LOCATION']; - $aData['USR_ADDRESS'] = $form['USR_ADDRESS']; - $aData['USR_PHONE'] = $form['USR_PHONE']; - $aData['USR_ZIP_CODE'] = $form['USR_ZIP_CODE']; - $aData['USR_POSITION'] = $form['USR_POSITION']; - // Commented by removal of resume in the addition and modification of user. - // $aData['USR_RESUME'] = $form['USR_RESUME']; - $aData['USR_ROLE'] = $form['USR_ROLE']; - $aData['USR_REPLACED_BY'] = $form['USR_REPLACED_BY']; - - require_once 'classes/model/Users.php'; - $oUser = new Users(); - $oUser->create( $aData ); - if ($_FILES['form']['error']['USR_PHOTO'] != 1) { - if ($_FILES['form']['tmp_name']['USR_PHOTO'] != '') { - G::uploadFile( $_FILES['form']['tmp_name']['USR_PHOTO'], PATH_IMAGES_ENVIRONMENT_USERS, $sUserUID . '.gif' ); - } - } else { - G::SendTemporalMessage( 'ID_FILE_TOO_BIG', 'error' ); - } - if ($_FILES['form']['error']['USR_RESUME'] != 1) { - if ($_FILES['form']['tmp_name']['USR_RESUME'] != '') { - G::uploadFile( $_FILES['form']['tmp_name']['USR_RESUME'], PATH_IMAGES_ENVIRONMENT_FILES . $sUserUID . '/', $_FILES['form']['name']['USR_RESUME'] ); - } - } else { - G::SendTemporalMessage( 'ID_FILE_TOO_BIG', 'error' ); - } - } else { - $aData['USR_UID'] = $form['USR_UID']; - $aData['USR_USERNAME'] = $form['USR_USERNAME']; - - if (isset( $form['USR_PASSWORD'] )) { - if ($form['USR_PASSWORD'] != '') { - $aData['USR_PASSWORD'] = $form['USR_PASSWORD']; - require_once 'classes/model/UsersProperties.php'; - $oUserProperty = new UsersProperties(); - $aUserProperty = $oUserProperty->loadOrCreateIfNotExists( $form['USR_UID'], array ('USR_PASSWORD_HISTORY' => serialize( array (G::encryptOld( $form['USR_PASSWORD'] ) - ) ) - ) ); - - $RBAC->loadUserRolePermission( 'PROCESSMAKER', $_SESSION['USER_LOGGED'] ); - if ($RBAC->aUserInfo['PROCESSMAKER']['ROLE']['ROL_CODE'] == 'PROCESSMAKER_ADMIN') { - $aUserProperty['USR_LAST_UPDATE_DATE'] = date( 'Y-m-d H:i:s' ); - $aUserProperty['USR_LOGGED_NEXT_TIME'] = 1; - $oUserProperty->update( $aUserProperty ); - } - - $aErrors = $oUserProperty->validatePassword( $form['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], 0 ); - if (count( $aErrors ) > 0) { - $sDescription = G::LoadTranslation( 'ID_POLICY_ALERT' ) . ':

'; - foreach ($aErrors as $sError) { - switch ($sError) { - case 'ID_PPP_MINIMUN_LENGTH': - $sDescription .= ' - ' . G::LoadTranslation( $sError ) . ': ' . PPP_MINIMUN_LENGTH . '
'; - break; - case 'ID_PPP_MAXIMUN_LENGTH': - $sDescription .= ' - ' . G::LoadTranslation( $sError ) . ': ' . PPP_MAXIMUN_LENGTH . '
'; - break; - case 'ID_PPP_EXPIRATION_IN': - $sDescription .= ' - ' . G::LoadTranslation( $sError ) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation( 'ID_DAYS' ) . '
'; - break; - default: - $sDescription .= ' - ' . G::LoadTranslation( $sError ) . '
'; - break; - } - } - $sDescription .= '
' . G::LoadTranslation( 'ID_PLEASE_CHANGE_PASSWORD_POLICY' ); - G::SendMessageText( $sDescription, 'warning' ); - G::header( 'Location: ' . $_SERVER['HTTP_REFERER'] ); - die(); - } - $aHistory = unserialize( $aUserProperty['USR_PASSWORD_HISTORY'] ); - if (! is_array( $aHistory )) { - $aHistory = array (); - } - if (! defined( 'PPP_PASSWORD_HISTORY' )) { - define( 'PPP_PASSWORD_HISTORY', 0 ); - } - if (PPP_PASSWORD_HISTORY > 0) { - //it's looking a password igual into aHistory array that was send for post in md5 way - $c = 0; - $sw = 1; - while (count( $aHistory ) >= 1 && count( $aHistory ) > $c && $sw) { - if (strcmp( trim( $aHistory[$c] ), trim( $form['USR_PASSWORD'] ) ) == 0) { - $sw = 0; - } - $c ++; - } - if ($sw == 0) { - $sDescription = G::LoadTranslation( 'ID_POLICY_ALERT' ) . ':

'; - $sDescription .= ' - ' . G::LoadTranslation( 'PASSWORD_HISTORY' ) . ': ' . PPP_PASSWORD_HISTORY . '
'; - $sDescription .= '
' . G::LoadTranslation( 'ID_PLEASE_CHANGE_PASSWORD_POLICY' ) . ''; - G::SendMessageText( $sDescription, 'warning' ); - G::header( 'Location: ' . $_SERVER['HTTP_REFERER'] ); - die(); - } - // - if (count( $aHistory ) >= PPP_PASSWORD_HISTORY) { - $sLastPassw = array_shift( $aHistory ); - } - $aHistory[] = $form['USR_PASSWORD']; - } - $aUserProperty['USR_LAST_UPDATE_DATE'] = date( 'Y-m-d H:i:s' ); - $aUserProperty['USR_LOGGED_NEXT_TIME'] = 1; - $aUserProperty['USR_PASSWORD_HISTORY'] = serialize( $aHistory ); - $oUserProperty->update( $aUserProperty ); - } - } - $aData['USR_FIRSTNAME'] = $form['USR_FIRSTNAME']; - $aData['USR_LASTNAME'] = $form['USR_LASTNAME']; - $aData['USR_EMAIL'] = $form['USR_EMAIL']; - $aData['USR_DUE_DATE'] = $form['USR_DUE_DATE']; - $aData['USR_UPDATE_DATE'] = date( 'Y-m-d H:i:s' ); - if (isset( $form['USR_STATUS'] )) { - $aData['USR_STATUS'] = $form['USR_STATUS']; - } - if (isset( $form['USR_ROLE'] )) { - $RBAC->updateUser( $aData, $form['USR_ROLE'] ); - } else { - $RBAC->updateUser( $aData ); - } - $aData['USR_COUNTRY'] = $form['USR_COUNTRY']; - $aData['USR_CITY'] = $form['USR_CITY']; - $aData['USR_LOCATION'] = $form['USR_LOCATION']; - $aData['USR_ADDRESS'] = $form['USR_ADDRESS']; - $aData['USR_PHONE'] = $form['USR_PHONE']; - $aData['USR_ZIP_CODE'] = $form['USR_ZIP_CODE']; - $aData['USR_POSITION'] = $form['USR_POSITION']; - - if ($form['USR_RESUME'] != '') { - $aData['USR_RESUME'] = $form['USR_RESUME']; - } - if (isset( $form['USR_ROLE'] )) { - $aData['USR_ROLE'] = $form['USR_ROLE']; - } - - if (isset( $form['USR_REPLACED_BY'] )) { - $aData['USR_REPLACED_BY'] = $form['USR_REPLACED_BY']; - } - if (isset( $form['USR_AUTH_USER_DN'] )) { - $aData['USR_AUTH_USER_DN'] = $form['USR_AUTH_USER_DN']; - } - - require_once 'classes/model/Users.php'; - $oUser = new Users(); - $oUser->update( $aData ); - $aExtensions = array ("AIS","BMP","BW","CDR","CDT","CGM","CMX","CPT","DCX","DIB","EMF","GBR","GIF","GIH","ICO","IFF","ILBM","JFIF","JIF","JPE","JPEG","JPG","KDC","LBM","MAC","PAT","PCD","PCT","PCX","PIC","PICT","PNG","PNTG","PIX","PSD","PSP","QTI","QTIF","RGB","RGBA","RIF","RLE","SGI","TGA","TIF","TIFF","WMF","XCF" - ); - - $sPhotoFile = $_FILES['form']['name']['USR_PHOTO']; - $aPhotoFile = explode( '.', $sPhotoFile ); - $sExtension = strtoupper( $aPhotoFile[sizeof( $aPhotoFile ) - 1] ); - if ((strlen( $sPhotoFile ) > 0) && (! in_array( $sExtension, $aExtensions ))) { - throw (new Exception( G::LoadTranslation( 'ID_ERROR_UPLOADING_IMAGE_TYPE' ) )); - } - if ($_FILES['form']['error']['USR_PHOTO'] != 1) { - if ($_FILES['form']['tmp_name']['USR_PHOTO'] != '') { - $aAux = explode( '.', $_FILES['form']['name']['USR_PHOTO'] ); - G::uploadFile( $_FILES['form']['tmp_name']['USR_PHOTO'], PATH_IMAGES_ENVIRONMENT_USERS, $aData['USR_UID'] . '.' . $aAux[1] ); - G::resizeImage( PATH_IMAGES_ENVIRONMENT_USERS . $aData['USR_UID'] . '.' . $aAux[1], 96, 96, PATH_IMAGES_ENVIRONMENT_USERS . $aData['USR_UID'] . '.gif' ); - } - } else { - G::SendTemporalMessage( 'ID_FILE_TOO_BIG', 'error' ); - } - if ($_FILES['form']['error']['USR_RESUME'] != 1) { - if ($_FILES['form']['tmp_name']['USR_RESUME'] != '') { - G::uploadFile( $_FILES['form']['tmp_name']['USR_RESUME'], PATH_IMAGES_ENVIRONMENT_FILES . $aData['USR_UID'] . '/', $_FILES['form']['name']['USR_RESUME'] ); - } - } else { - G::SendTemporalMessage( 'ID_FILE_TOO_BIG', 'error' ); - } - } - - if ($_SESSION['USER_LOGGED'] == $form['USR_UID']) { - /*UPDATING SESSION VARIABLES*/ - $aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] ); - $_SESSION['USR_FULLNAME'] = $aUser['USR_FIRSTNAME'] . ' ' . $aUser['USR_LASTNAME']; - } - - //Save Calendar assigment - if ((isset( $form['USR_CALENDAR'] ))) { - //Save Calendar ID for this user - - $calendarObj = new Calendar(); - $calendarObj->assignCalendarTo( $aData['USR_UID'], $form['USR_CALENDAR'], 'USER' ); - } - - G::header( 'location: users_List' ); -} catch (Exception $e) { - $G_MAIN_MENU = 'processmaker'; - $G_SUB_MENU = 'users'; - $G_ID_MENU_SELECTED = 'USERS'; - $G_ID_SUB_MENU_SELECTED = ''; - - $aMessage = array (); - $aMessage['MESSAGE'] = $e->getMessage(); - $G_PUBLISH = new Publisher(); - $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'login/showMessage', '', $aMessage ); - G::RenderPage( 'publish', 'blank' ); -} - diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/User.php b/workflow/engine/src/ProcessMaker/BusinessModel/User.php index 6f25fb6de..6bf7818dd 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/User.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/User.php @@ -1151,43 +1151,23 @@ class User */ public function testPassword($sPassword = '') { - $oUserProperty = new UsersProperties(); - $aFields = array(); + $userProperty = new UsersProperties(); + $fields = []; $dateNow = date('Y-m-d H:i:s'); - $aErrors = $oUserProperty->validatePassword($sPassword, $dateNow, 0); - if (!empty($aErrors)) { + $errorInPassword = $userProperty->validatePassword($sPassword, $dateNow, 0); + if (!empty($errorInPassword)) { if (!defined('NO_DISPLAY_USERNAME')) { define('NO_DISPLAY_USERNAME', 1); } - $aFields = array(); - $aFields['DESCRIPTION'] = G::LoadTranslation('ID_POLICY_ALERT'); - foreach ($aErrors as $sError) { - switch ($sError) { - case 'ID_PPP_MINIMUM_LENGTH': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUM_LENGTH . '. '; - $aFields[substr($sError, 3)] = PPP_MINIMUM_LENGTH; - break; - case 'ID_PPP_MAXIMUM_LENGTH': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MAXIMUM_LENGTH . '. '; - $aFields[substr($sError, 3)] = PPP_MAXIMUM_LENGTH; - break; - case 'ID_PPP_EXPIRATION_IN': - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . '. '; - $aFields[substr($sError, 3)] = PPP_EXPIRATION_IN; - break; - default: - $aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError); - $aFields[substr($sError, 3)] = 1; - break; - } - } - $aFields['DESCRIPTION'] .= G::LoadTranslation('ID_PLEASE_CHANGE_PASSWORD_POLICY'); - $aFields['STATUS'] = false; + //We will to get the message for test the password + $fields = $userProperty->getMessageValidatePassword($errorInPassword, true, true); + $fields['STATUS'] = false; } else { - $aFields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES'); - $aFields['STATUS'] = true; + $fields['DESCRIPTION'] = G::LoadTranslation('ID_PASSWORD_COMPLIES_POLICIES'); + $fields['STATUS'] = true; } - return $aFields; + + return $fields; } /**