From 52e1a9879d14fb6309684cfdf564154eb0b8a387 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Fri, 29 Jan 2016 12:16:21 -0500
Subject: [PATCH] Merge branch 'master' of http://git.ispconfig.org/ispconfig/ispconfig3

---
 interface/lib/classes/validate_password.inc.php |   16 +++++++++++++---
 1 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/interface/lib/classes/validate_password.inc.php b/interface/lib/classes/validate_password.inc.php
index 543a90e..f36f162 100644
--- a/interface/lib/classes/validate_password.inc.php
+++ b/interface/lib/classes/validate_password.inc.php
@@ -33,24 +33,34 @@
 	
 	private function _get_password_strength($password) {
 		$length = strlen($password);
+		
 		$points = 0;
 		if ($length < 5) {
 			return 1;
 		}
 
+		$different = 0;
+		if (preg_match('/[abcdefghijklnmopqrstuvwxyz]/', $password)) {
+			$different += 1;
+		}
+
 		if (preg_match('/[ABCDEFGHIJKLNMOPQRSTUVWXYZ]/', $password)) {
 			$points += 1;
+			$different += 1;
 		}
 
 		if (preg_match('/[0123456789]/', $password)) {
 			$points += 1;
+			$different += 1;
 		}
 
-		if (preg_match('/[`~!@#$%^&*()_+|\\=-[]}{\';:\/?.>,<" ]/', $password)) {
+		if (preg_match('/[`~!@#$%^&*()_+|\\=\-\[\]}{\';:\/?.>,<" ]/', $password)) {
 			$points += 1;
+			$different += 1;
 		}
+		
 
-		if ($points == 0) {
+		if ($points == 0 || $different < 3) {
 			if ($length >= 5 && $length <= 6) {
 				return 1;
 			} else if ($length >= 7 && $length <= 8) {
@@ -114,7 +124,7 @@
 			$lng_text = str_replace('{chars}', $min_password_length, $lng_text);
 		}
 		if(!$lng_text) $lng_text = 'weak_password_txt'; // always return a string, even if language is missing - otherwise validator is NOT MATCHING!
-		
+
 		if(strlen($field_value) < $min_password_length) return $lng_text;
 		if($this->_get_password_strength($field_value) < $min_password_strength) return $lng_text;
 		

--
Gitblit v1.9.1