diff options
| -rw-r--r-- | FS/FS/svc_acct.pm | 21 | ||||
| -rwxr-xr-x | httemplate/edit/process/svc_acct.cgi | 4 | ||||
| -rwxr-xr-x | httemplate/edit/svc_acct.cgi | 4 |
3 files changed, 17 insertions, 12 deletions
diff --git a/FS/FS/svc_acct.pm b/FS/FS/svc_acct.pm index 649a783..19f2921 100644 --- a/FS/FS/svc_acct.pm +++ b/FS/FS/svc_acct.pm @@ -1184,13 +1184,14 @@ sub check { # First, if _password is blank, generate one and set default encoding. if ( ! $recref->{_password} ) { - $self->set_password(''); + $error = $self->set_password(''); } # But if there's a _password but no encoding, assume it's plaintext and # set it to default encoding. elsif ( ! $recref->{_password_encoding} ) { - $self->set_password($recref->{_password}); + $error = $self->set_password($recref->{_password}); } + return $error if $error; # Next, check _password to ensure compliance with the encoding. if ( $recref->{_password_encoding} eq 'ldap' ) { @@ -1232,11 +1233,8 @@ sub check { $recref->{_password} =~ /\!/ and return gettext('illegal_password'); } } - elsif ( $recref->{_password_encoding} eq 'legacy' ) { - # this happens when set_password fails - return gettext('illegal_password'). " $passwordmin-$passwordmax ". - FS::Msgcat::_gettext('illegal_password_characters'). - ": ". $recref->{_password}; + else { + return "invalid password encoding ('".$recref->{_password_encoding}."'"; } $self->SUPER::check; @@ -1300,7 +1298,14 @@ sub set_password { my $self = shift; my $pass = shift; my ($encoding, $encryption); + my $failure = gettext('illegal_password'). " $passwordmin-$passwordmax ". + FS::Msgcat::_gettext('illegal_password_characters'). + ": ". $pass; + if(($passwordmin and length($pass) < $passwordmin) or + ($passwordmax and length($pass) > $passwordmax)) { + return $failure; + } if($self->_password_encoding) { $encoding = $self->_password_encoding; @@ -1344,7 +1349,7 @@ sub set_password { $self->_password_encoding('crypt'); } else { - # do nothing; check() will recognize this as an error + return $failure; } } } diff --git a/httemplate/edit/process/svc_acct.cgi b/httemplate/edit/process/svc_acct.cgi index c19c2a5..515d89e 100755 --- a/httemplate/edit/process/svc_acct.cgi +++ b/httemplate/edit/process/svc_acct.cgi @@ -11,6 +11,7 @@ die "access denied" $cgi->param('svcnum') =~ /^(\d*)$/ or die "Illegal svcnum!"; my $svcnum = $1; +my $error; my $old; if ( $svcnum ) { @@ -45,10 +46,9 @@ if( $cgi->param('clear_password') eq '*HIDDEN*' die "fatal: no previous account to recall hidden password from!" unless $old; } else { - $new->set_password($cgi->param('clear_password')); + $error = $new->set_password($cgi->param('clear_password')); } -my $error; if ( $svcnum ) { foreach (grep { $old->$_ != $new->$_ } qw( seconds upbytes downbytes totalbytes )) { my %hash = map { $_ => $new->$_ } diff --git a/httemplate/edit/svc_acct.cgi b/httemplate/edit/svc_acct.cgi index 9c3e8de..afbd002 100755 --- a/httemplate/edit/svc_acct.cgi +++ b/httemplate/edit/svc_acct.cgi @@ -12,7 +12,7 @@ <SCRIPT TYPE="text/javascript"> function randomPass() { var i=0; - var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9', '.', '/') %>'; + var pw_set='<% join('', 'a'..'z', 'A'..'Z', '0'..'9' ) %>'; var pass=''; while(i < 8) { i++; @@ -48,7 +48,7 @@ Service # <% $svcnum ? "<B>$svcnum</B>" : " (NEW)" %><BR> <TD ALIGN="right">Password</TD> <TD> <INPUT TYPE="text" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>> - <INPUT TYPE="button" VALUE="Randomize" onclick="randomPass();"> + <INPUT TYPE="button" VALUE="Generate" onclick="randomPass();"> </TD> </TR> %}else{ |