diff options
Diffstat (limited to 'FS')
| -rw-r--r-- | FS/FS/Password_Mixin.pm | 23 | ||||
| -rw-r--r-- | FS/FS/svc_acct.pm | 1 |
2 files changed, 24 insertions, 0 deletions
diff --git a/FS/FS/Password_Mixin.pm b/FS/FS/Password_Mixin.pm index 327eda86c..eb1db81e8 100644 --- a/FS/FS/Password_Mixin.pm +++ b/FS/FS/Password_Mixin.pm @@ -69,6 +69,29 @@ sub is_password_allowed { return '' unless $self->get($self->primary_key); # for validating new passwords pre-insert + #check against customer fields + my $cust_main = $self->cust_main; + if ($cust_main) { + my @words; + # words from cust_main + foreach my $field ( qw( last first daytime night fax mobile ) ) { + push @words, split(/\W/,$cust_main->get($field)); + } + # words from cust_location + foreach my $loc ($cust_main->cust_location) { + foreach my $field ( qw(address1 address2 city county state zip) ) { + push @words, split(/\W/,$loc->get($field)); + } + } + # do the actual checking + foreach my $word (@words) { + next unless length($word) > 2; + if ($password =~ /$word/i) { + return qq(Password contains account information '$word'); + } + } + } + if ( $conf->config('password-no_reuse') =~ /^(\d+)$/ ) { my $no_reuse = $1; diff --git a/FS/FS/svc_acct.pm b/FS/FS/svc_acct.pm index e963c8082..203150f7c 100644 --- a/FS/FS/svc_acct.pm +++ b/FS/FS/svc_acct.pm @@ -2785,6 +2785,7 @@ sub password_svc_check { my ($self, $password) = @_; foreach my $field ( qw(username finger) ) { foreach my $word (split(/\W+/,$self->get($field))) { + next unless length($word) > 2; if ($password =~ /$word/i) { return qq(Password contains account information '$word'); } |