diff options
| author | arf20 <aruizfernandez05@gmail.com> | 2024-03-20 12:43:32 +0100 |
|---|---|---|
| committer | arf20 <aruizfernandez05@gmail.com> | 2024-03-20 12:43:32 +0100 |
| commit | 342ddb4141290b257ec9532b47506f1a26516515 (patch) | |
| tree | 0a24bd18d25d1abad09c8f3e39d6b6e64e0ba665 | |
| parent | 536e4db3309a37455465bb2b2967f106d2b99ddf (diff) | |
| download | arfnet2-cstims-342ddb4141290b257ec9532b47506f1a26516515.tar.gz arfnet2-cstims-342ddb4141290b257ec9532b47506f1a26516515.zip | |
Remove password restrictions and ver. code without symbols
| -rwxr-xr-x | login.php | 4 | ||||
| -rwxr-xr-x | register.php | 6 |
2 files changed, 3 insertions, 7 deletions
@@ -30,8 +30,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $password_err = "Enter a password.";
else if (strlen($_POST["password"]) < 8)
$password_err = "Password must have at least 8 characters.";
- else if (preg_match("/[a-zA-Z0-9!@^*$%&)(=+çñÇ][}{\-.,_:;]+/", $_POST["password"]) != false)
- $password_err = "Password must be in the format [a-zA-Z0-9!@^*$%&)(=+çñÇ][}{-.,_:;].";
else
$password = $_POST["password"];
@@ -118,7 +116,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { </div>
<div class="form-group row <?php echo (!empty($password_err)) ? 'has-error' : ''; ?>">
<div class="column"><label>Password</label></div>
- <div class="column"><input type="password" name="password" pattern="[a-zA-Z0-9_]+" class="form-control"></div>
+ <div class="column"><input type="password" name="password" class="form-control"></div>
<span class="help-block"><?php echo $password_err; ?></span>
</div>
<div class="form-group">
diff --git a/register.php b/register.php index 3ef957a..f235d40 100755 --- a/register.php +++ b/register.php @@ -71,8 +71,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $password_err = "Enter a password.";
else if (strlen($_POST["password"]) < 8)
$password_err = "Password must have at least 8 characters.";
- else if (preg_match("/[a-zA-Z0-9!@^*$%&)(=+çñÇ][}{\-.,_:;]+/", $_POST["password"]) != false)
- $password_err = "Password must be in the format [a-zA-Z0-9!@^*$%&)(=+çñÇ][}{-.,_:;].";
else
$password = $_POST["password"];
@@ -94,7 +92,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { $param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash
$param_email = $email;
- $param_verifycode = base64_encode(random_bytes(12)); // code of size 16
+ $param_verifycode = substr(sha1(random_bytes(64)), 0, 16); // random 16 character code
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
@@ -151,7 +149,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") { </div>
<div class="form-group row <?php echo (!empty($confirm_password_err)) ? 'has-error' : ''; ?>">
<div class="column"><label>Confirm Password</label></div>
- <div class="column"><input type="password" name="confirm_password" class="form-control" pattern="[a-zA-Z0-9!@^*$%&)(=+çñÇ[]{}-.,_:;]+" value="<?php echo $confirm_password; ?>"></div>
+ <div class="column"><input type="password" name="confirm_password" class="form-control" value="<?php echo $confirm_password; ?>"></div>
<span class="help-block"><?php echo $confirm_password_err; ?></span>
</div>
<div class="form-group">
|