From e2c77e381cb0485a434e1ba3e230fee3e112cbc9 Mon Sep 17 00:00:00 2001 From: wangyidong Date: Fri, 6 Nov 2015 14:30:55 +0800 Subject: [PATCH] * change for compute password strength. --- module/convert/model.php | 1 + module/project/control.php | 2 ++ module/project/view/bug.html.php | 2 +- module/sso/model.php | 6 +++++ module/sso/view/bind.html.php | 18 +++++++++++-- module/testtask/control.php | 2 +- module/testtask/model.php | 4 +-- module/tree/model.php | 2 +- module/user/lang/zh-cn.php | 4 +-- module/user/model.php | 36 +++++++------------------- www/js/my.full.js | 44 ++++++++++++-------------------- 11 files changed, 58 insertions(+), 63 deletions(-) diff --git a/module/convert/model.php b/module/convert/model.php index c4494dfa0e..97b53d755f 100644 --- a/module/convert/model.php +++ b/module/convert/model.php @@ -81,6 +81,7 @@ class convertModel extends model unset($userConstants['TABLE_STORYSPEC']); unset($userConstants['TABLE_TEAM']); unset($userConstants['TABLE_USERGROUP']); + unset($userConstants['TABLE_STORYSTAGE']); /* Get max id of every table. */ foreach($userConstants as $key => $value) diff --git a/module/project/control.php b/module/project/control.php index 46b342c199..1e08c588b4 100644 --- a/module/project/control.php +++ b/module/project/control.php @@ -626,6 +626,7 @@ class project extends control $project = $this->commonAction($projectID); $products = $this->project->getProducts($project->id); $productID = key($products); // Get the first product for creating bug. + $branchID = $products[$productID]->branch; /* Header and position. */ $title = $project->name . $this->lang->colon . $this->lang->project->bug; @@ -658,6 +659,7 @@ class project extends control $this->view->orderBy = $orderBy; $this->view->users = $users; $this->view->productID = $productID; + $this->view->branchID = empty($this->view->build->branch) ? $branchID : $this->view->build->branch; $this->view->memberPairs = $memberPairs; $this->display(); diff --git a/module/project/view/bug.html.php b/module/project/view/bug.html.php index 3512e77f1f..e6f31b4def 100644 --- a/module/project/view/bug.html.php +++ b/module/project/view/bug.html.php @@ -18,7 +18,7 @@
- id");?> + id");?>
diff --git a/module/sso/model.php b/module/sso/model.php index 037623ff32..8ca975c34b 100644 --- a/module/sso/model.php +++ b/module/sso/model.php @@ -50,6 +50,12 @@ class ssoModel extends model $user = $this->dao->select('*')->from(TABLE_USER)->where('account')->eq($data->account)->fetch(); if($user) die(js::alert($this->lang->sso->bindHasAccount)); + if(isset($this->config->safe->mode) and $this->user->computePasswordStrength($data->password1) < $this->config->safe->mode) + { + dao::$errors['password1'][] = $this->lang->user->weakPassword; + return false; + } + $user = new stdclass(); $user->account = $data->account; $user->password = md5($data->password1); diff --git a/module/sso/view/bind.html.php b/module/sso/view/bind.html.php index d08cd94e95..d564a2e1b1 100644 --- a/module/sso/view/bind.html.php +++ b/module/sso/view/bind.html.php @@ -12,6 +12,8 @@ ?> +safe->mode)) $lang->user->placeholder->password1 = $lang->user->placeholder->passwordStrength[$config->safe->mode]?> +user->placeholder);?>
sso->bind?>
@@ -32,11 +34,16 @@ user->account?> - account, "class='form-control'")?> + account, "class='form-control' autocomplete='off'")?> user->password?> - + + + + + + user->password2?> @@ -75,5 +82,12 @@ $(function() $('#bindForm table tr.' + $(this).val()).removeClass('hide'); }) }) + +function checkPassword(password) +{ + $('#passwordStrength').html(password == '' ? '' : passwordStrengthList[computePasswordStrength(password)]); + $('#passwordStrength').css('display', password == '' ? 'none' : 'table-cell'); +} +user->passwordStrengthList)?> diff --git a/module/testtask/control.php b/module/testtask/control.php index 7bb3a9fa22..5da4c76189 100644 --- a/module/testtask/control.php +++ b/module/testtask/control.php @@ -595,7 +595,7 @@ class testtask extends control $cases = $this->dao->select('*')->from(TABLE_CASE)->where($query) ->andWhere('product')->eq($productID) ->andWhere('id')->notIN($linkedCases) - ->andWhere('branch')->in("0,$task->branch") + ->beginIF($task->branch)->andWhere('branch')->in("0,$task->branch")->fi() ->andWhere('deleted')->eq(0) ->orderBy('id desc') ->page($pager) diff --git a/module/testtask/model.php b/module/testtask/model.php index 683f7b580f..9087a83f28 100644 --- a/module/testtask/model.php +++ b/module/testtask/model.php @@ -64,7 +64,7 @@ class testtaskModel extends model */ public function getProductTasks($productID, $branch = 0, $orderBy = 'id_desc', $pager = null, $type = '') { - return $this->dao->select('t1.*, t2.name AS productName, t3.name AS projectName, t4.name AS buildName, if(t4.branch, t4.branch, t5.branch) AS branch') + return $this->dao->select("t1.*, t2.name AS productName, t3.name AS projectName, t4.name AS buildName, if(t4.name != '', t4.branch, t5.branch) AS branch") ->from(TABLE_TESTTASK)->alias('t1') ->leftJoin(TABLE_PRODUCT)->alias('t2')->on('t1.product = t2.id') ->leftJoin(TABLE_PROJECT)->alias('t3')->on('t1.project = t3.id') @@ -112,7 +112,7 @@ class testtaskModel extends model */ public function getById($taskID, $setImgSize = false) { - $task = $this->dao->select('t1.*, t2.name AS productName, t2.type AS productType, t3.name AS projectName, t4.name AS buildName, if(t4.branch, t4.branch, t5.branch) AS branch') + $task = $this->dao->select("t1.*, t2.name AS productName, t2.type AS productType, t3.name AS projectName, t4.name AS buildName, if(t4.name != '', t4.branch, t5.branch) AS branch") ->from(TABLE_TESTTASK)->alias('t1') ->leftJoin(TABLE_PRODUCT)->alias('t2')->on('t1.product = t2.id') ->leftJoin(TABLE_PROJECT)->alias('t3')->on('t1.project = t3.id') diff --git a/module/tree/model.php b/module/tree/model.php index 091eb17381..a60df33300 100644 --- a/module/tree/model.php +++ b/module/tree/model.php @@ -477,7 +477,7 @@ class treeModel extends model if(empty($runs)) return; } - $extra['branchID'] = $branch; + if(is_array($extra) or empty($extra)) $extra['branchID'] = $branch; $linkHtml = call_user_func($userFunc, $type, $module, $extra); if(isset($treeMenu[$module->id]) and !empty($treeMenu[$module->id])) diff --git a/module/user/lang/zh-cn.php b/module/user/lang/zh-cn.php index a45505cbc6..26bb4a12c4 100644 --- a/module/user/lang/zh-cn.php +++ b/module/user/lang/zh-cn.php @@ -144,8 +144,8 @@ $lang->user->placeholder->join = '入职日期'; $lang->user->placeholder->commiter = '版本控制系统(subversion)中的帐号'; $lang->user->placeholder->verify = '需要输入你的密码加以验证'; -$lang->user->placeholder->passwordStrength[1] = '强度必须为中,尽量多包含数字,大写字母'; -$lang->user->placeholder->passwordStrength[2] = '强度必须为强,15位以上,密码尽量复杂'; +$lang->user->placeholder->passwordStrength[1] = '强度必须为中,6位以上,包含大小写字母,数字。'; +$lang->user->placeholder->passwordStrength[2] = '强度必须为强,10位以上,包含字母,数字,特殊字符。'; $lang->user->error = new stdclass(); $lang->user->error->account = "ID %s,英文、数字和下划线的组合,三位以上"; diff --git a/module/user/model.php b/module/user/model.php index abb5a01d2b..28339e9606 100644 --- a/module/user/model.php +++ b/module/user/model.php @@ -991,54 +991,36 @@ class userModel extends model $strength = 0; $length = strlen($password); - if(strtolower($password) != $password) $strength += 1; - if(strtoupper($password) == $password) $strength += 1; - - if($length >= 4 && $length <= 7) - { - $strength += 1; - } - elseif($length >= 8 && $length <= 15) - { - $strength += 2; - } - elseif($length >= 16 && $length <= 35) - { - $strength += 3; - } - elseif($length > 35) - { - $strength += 4; - } - $uniqueChars = ''; + $complexity = array(); $chars = str_split($password); foreach($chars as $letter) { $asc = ord($letter); if($asc >= 48 && $asc <= 57) { - $strength += 2; + $complexity[2] = 2; } elseif($asc >= 65 && $asc <= 90) { - $strength += 2; + $complexity[1] = 2; } elseif($asc >= 97 && $asc <= 122) { - $strength += 1; + $complexity[0] = 1; } else { - $strength += 3; + $complexity[3] = 3; } if(strpos($uniqueChars, $letter) === false) $uniqueChars .= $letter; } - $strength += strlen($uniqueChars) * 2; + if(strlen($uniqueChars) > 4)$strength += strlen($uniqueChars) - 4; + $strength += array_sum($complexity) + (2 * (count($complexity) - 1)); + if($length < 6 and $strength >= 10) $strength = 9; - $strength = $strength > 89 ? 89 : $strength; + $strength = $strength > 29 ? 29 : $strength; $strength = floor($strength / 10); - $strength = floor($strength / 3); return $strength; } diff --git a/www/js/my.full.js b/www/js/my.full.js index 3fc58f0412..795fe2f432 100644 --- a/www/js/my.full.js +++ b/www/js/my.full.js @@ -1303,55 +1303,45 @@ function computePasswordStrength(password) var strength = 0; var length = password.length; - if(password.toLowerCase() != password) strength += 1; - if(password.toUpperCase() == password) strength += 1; - - if(length >= 4 && length <= 7) - { - strength += 1; - } - else if(length >= 8 && length <= 15) - { - strength += 2; - } - else if(length >= 16 && length <= 35) - { - strength += 3; - } - else if(length > 35) - { - strength += 4; - } - var uniqueChars = ''; + var complexity = new Array(); for(i = 0; i < length; i++) { letter = password.charAt(i); var asc = letter.charCodeAt(); if(asc >= 48 && asc <= 57) { - strength += 2; + complexity[2] = 2; } else if((asc >= 65 && asc <= 90)) { - strength += 2; + complexity[1] = 2; } else if(asc >= 97 && asc <= 122) { - strength += 1; + complexity[0] = 1; } else { - strength += 3; + complexity[3] = 3; } if(uniqueChars.indexOf(letter) == -1) uniqueChars += letter; } - strength += uniqueChars.length * 2; + if(uniqueChars.length > 4) strength += uniqueChars.length - 4; + var sumComplexity = 0; + var complexitySize = 0; + for(i in complexity) + { + complexitySize += 1; + sumComplexity += complexity[i]; + } + strength += sumComplexity + (2 * (complexitySize - 1)); + if(length < 6 && strength >= 10) strength = 9; + console.log(strength); - strength = strength > 89 ? 89 : strength; + strength = strength > 29 ? 29 : strength; strength = Math.floor(strength / 10); - strength = Math.floor(strength / 3); return strength; }