From dcc9d80a7047af57504e542a36ead2c53e265de5 Mon Sep 17 00:00:00 2001
From: wangyidong <yidong@cnezsoft.com>
Date: Fri, 18 Sep 2015 09:38:15 +0800
Subject: [PATCH]  * adjust for password safe.

---
 module/admin/lang/zh-cn.php            |  3 ++-
 module/admin/view/safe.html.php        |  4 ++++
 module/my/view/changepassword.html.php |  2 +-
 module/my/view/editprofile.html.php    |  2 +-
 module/user/lang/zh-cn.php             |  3 +++
 module/user/model.php                  | 23 ++++++++++++++---------
 module/user/view/create.html.php       |  1 +
 module/user/view/edit.html.php         |  2 +-
 www/js/my.full.js                      | 17 +++++++++++------
 9 files changed, 38 insertions(+), 19 deletions(-)

diff --git a/module/admin/lang/zh-cn.php b/module/admin/lang/zh-cn.php
index 8e3ec70476..7fb9e15cfc 100644
--- a/module/admin/lang/zh-cn.php
+++ b/module/admin/lang/zh-cn.php
@@ -64,4 +64,5 @@ $lang->admin->safe->reasonList['mobile']   = '与手机相同';
 $lang->admin->safe->reasonList['phone']    = '与电话相同';
 $lang->admin->safe->reasonList['birthday'] = '与生日相同';
 
-$lang->admin->safe->noticeMode = '系统会在登录、创建和修改用户、修改密码的时候检查用户口令。';
+$lang->admin->safe->noticeMode   = '系统会在登录、创建和修改用户、修改密码的时候检查用户口令。';
+$lang->admin->safe->noticeStrong = '密码长度越长，含有大写字母或数字或特殊符合越多，密码字母越不重复，安全度越强！';
diff --git a/module/admin/view/safe.html.php b/module/admin/view/safe.html.php
index 78484f9304..227267c16f 100644
--- a/module/admin/view/safe.html.php
+++ b/module/admin/view/safe.html.php
@@ -25,6 +25,10 @@
         <td><?php echo html::radio('mode', $lang->admin->safe->modeList, isset($config->safe->mode) ? $config->safe->mode : 0)?></td>
         <td><?php echo $lang->admin->safe->noticeMode?></td>
       </tr>
+      <tr>
+        <th></th>
+        <td colspan='2'><span style='color:#03b8cf;font-weight:bold;'><?php echo $lang->admin->safe->noticeStrong;?></span></td>
+      </tr>
       <tr>
         <th><?php echo $lang->admin->safe->weak?></th>
         <td colspan='2'><?php echo html::textarea('weak', $config->safe->weak, "class='form-control' rows='4'")?></td>
diff --git a/module/my/view/changepassword.html.php b/module/my/view/changepassword.html.php
index 189a16c960..3629b16b2b 100755
--- a/module/my/view/changepassword.html.php
+++ b/module/my/view/changepassword.html.php
@@ -29,7 +29,7 @@
         <th><?php echo $lang->user->password;?></th>
         <td>
           <span class='input-group'>
-            <?php echo html::password('password1', '', "class='form-control' autocomplete='off' onmouseup='checkPassword(this.value)' onkeyup='checkPassword(this.value)'");?>
+            <?php echo html::password('password1', '', "class='form-control' autocomplete='off' onmouseup='checkPassword(this.value)' onkeyup='checkPassword(this.value)' placeholder='" . (!empty($config->safe->mode) ? $lang->user->placeholder->passwordStrength[$config->safe->mode] : '') . "'");?>
             <span class='input-group-addon' id='passwordStrength'></span>
           </span>
         </td>
diff --git a/module/my/view/editprofile.html.php b/module/my/view/editprofile.html.php
index b8c5364a67..4cd9b18f7d 100644
--- a/module/my/view/editprofile.html.php
+++ b/module/my/view/editprofile.html.php
@@ -55,7 +55,7 @@
           <th><?php echo $lang->user->password;?></th>
         <td>
           <span class='input-group'>
-            <?php echo html::password('password1', '', "class='form-control' autocomplete='off' onmouseup='checkPassword(this.value)' onkeyup='checkPassword(this.value)'");?>
+            <?php echo html::password('password1', '', "class='form-control' autocomplete='off' onmouseup='checkPassword(this.value)' onkeyup='checkPassword(this.value)' placeholder='" . (!empty($config->safe->mode) ? $lang->user->placeholder->passwordStrength[$config->safe->mode] : '') . "'");?>
             <span class='input-group-addon' id='passwordStrength'></span>
           </span>
         </td>
diff --git a/module/user/lang/zh-cn.php b/module/user/lang/zh-cn.php
index 0fc9f2680e..d6483e6a2f 100644
--- a/module/user/lang/zh-cn.php
+++ b/module/user/lang/zh-cn.php
@@ -141,6 +141,9 @@ $lang->user->placeholder->join      = '入职日期';
 $lang->user->placeholder->commiter  = '版本控制系统(subversion)中的帐号';
 $lang->user->placeholder->verify    = '需要输入你的密码加以验证';
 
+$lang->user->placeholder->passwordStrength[1] = '强度必须为中，尽量多包含数字，大写字母';
+$lang->user->placeholder->passwordStrength[2] = '强度必须为强，15位以上，密码尽量复杂';
+
 $lang->user->error = new stdclass();
 $lang->user->error->account       = "ID %s，英文、数字和下划线的组合，三位以上";
 $lang->user->error->accountDupl   = "ID %s，该用户名已经存在";
diff --git a/module/user/model.php b/module/user/model.php
index 94afed11ed..1abc88a4ae 100644
--- a/module/user/model.php
+++ b/module/user/model.php
@@ -1003,18 +1003,23 @@ class userModel extends model
         $chars = str_split($password);
         foreach($chars as $letter)
         {
-            if($letter >= 48 && $letter <= 57)
-            {
-                $strength += 1;
-            }
-            elseif($letter >= 65 && $letter <= 90)
-            {
-                $strength += 1;
-            }
-            elseif(!($letter >= 97 && $letter <= 122))
+            $asc = ord($letter);
+            if($asc >= 48 && $asc <= 57)
             {
                 $strength += 2;
             }
+            elseif($asc >= 65 && $asc <= 90)
+            {
+                $strength += 2;
+            }
+            elseif($asc >= 97 && $asc <= 122)
+            {
+                $strength += 1;
+            }
+            else
+            {
+                $strength += 3;
+            }
             if(strpos($uniqueChars, $letter) === false) $uniqueChars .= $letter;
         }
         $strength += strlen($uniqueChars) * 2;
diff --git a/module/user/view/create.html.php b/module/user/view/create.html.php
index 3368cc51c1..81916af57e 100644
--- a/module/user/view/create.html.php
+++ b/module/user/view/create.html.php
@@ -12,6 +12,7 @@
 ?>
 <?php include '../../common/view/header.html.php';?>
 <?php include '../../common/view/datepicker.html.php';?>
+<?php if(!empty($config->safe->mode)) $lang->user->placeholder->password1 = $lang->user->placeholder->passwordStrength[$config->safe->mode]?>
 <?php js::set('holders', $lang->user->placeholder);?>
 <?php js::set('roleGroup', $roleGroup);?>
 <div class='container mw-700px'>
diff --git a/module/user/view/edit.html.php b/module/user/view/edit.html.php
index b361344227..5b6362ade2 100644
--- a/module/user/view/edit.html.php
+++ b/module/user/view/edit.html.php
@@ -56,7 +56,7 @@
         <th><?php echo $lang->user->password;?></th>
         <td>
           <span class='input-group'>
-            <?php echo html::password('password1', '', "class='form-control' autocomplete='off' onmouseup='checkPassword(this.value)' onkeyup='checkPassword(this.value)'");?>
+            <?php echo html::password('password1', '', "class='form-control' autocomplete='off' onmouseup='checkPassword(this.value)' onkeyup='checkPassword(this.value)' placeholder='" . (!empty($config->safe->mode) ? $lang->user->placeholder->passwordStrength[$config->safe->mode] : '') . "'");?>
             <span class='input-group-addon' id='passwordStrength'></span>
           </span>
         </td>
diff --git a/www/js/my.full.js b/www/js/my.full.js
index f1cd87b9fa..15e2bf98eb 100644
--- a/www/js/my.full.js
+++ b/www/js/my.full.js
@@ -1299,17 +1299,22 @@ function computePasswordStrength(password)
     for(i = 0; i < length; i++)
     {
         letter = password.charAt(i);
-        if(letter >= 48 && letter <= 57)
+        var asc = letter.charCodeAt();
+        if(asc >= 48 && asc <= 57)
         {
-          strength += 1;
+            strength += 2;
         }
-        else if((letter >= 65 && letter <= 90))
+        else if((asc >= 65 && asc <= 90))
         {
-          strength += 1;
+            strength += 2;
         }
-        else(!(letter >= 97 && letter <= 122))
+        else if(asc >= 97 && asc <= 122)
         {
-          strength += 2;
+            strength += 1;
+        }
+        else
+        {
+            strength += 3;
         }
         if(uniqueChars.indexOf(letter) == -1) uniqueChars += letter;
     }