Improve password validation
diff --git a/templates/register.htm b/templates/register.htm
index bfd6318..4f116d2 100644
--- a/templates/register.htm
+++ b/templates/register.htm
@@ -25,9 +25,9 @@
class="form-control <?php if(isset($error) && $error && !isset($_POST['name'])){echo 'border-danger';}?>"
placeholder="John"
value="<?php echo isset($_POST['name']) ? htmlspecialchars($_POST['name']) : '' ?>" />
- </div>
- <div class="invalid-feedback">
- Please provide a first name with at least 2 not whitespace characters.
+ <div class="invalid-feedback">
+ Please provide a first name with at least 2 characters.
+ </div>
</div>
</div>
<div class="col">
@@ -38,9 +38,9 @@
class="form-control <?php if(isset($error) && $error && !isset($_POST['last_name'])){echo 'border-danger';}?>"
placeholder="Doe"
value="<?php echo isset($_POST['last_name']) ? htmlspecialchars($_POST['last_name']) : '' ?>" />
- </div>
- <div class="invalid-feedback">
- Please provide a last name with at least 2 not whitespace characters.
+ <div class="invalid-feedback">
+ Please provide a last name with at least 2 characters.
+ </div>
</div>
</div>
</div>
@@ -63,7 +63,7 @@
<input pattern="[^\s]{<?php echo $VAL_USER->min_password.','.$VAL_USER->max_password;?>}" required
title="At least 8 not whitespace characters" name="password" type="password" id="pw1"
class="form-control <?php if(isset($error) && $error && !isset($_POST['password'])){echo 'border-danger';}?>"
- placeholder="********" oninput="passUpdated()"
+ placeholder="********" oninput="check_password_match()"
value="<?php echo isset($_POST['password']) ? htmlspecialchars($_POST['password']) : '' ?>" />
<div class="progress mt-2">
<div class="progress-bar bg-danger" role="progressbar" id="pwqbar" aria-valuenow="0" aria-valuemin="0"
@@ -81,13 +81,17 @@
</div>
-->
<!-- Password input -->
- <div class="form-outline mb-3">
+ <div id="pwconfirm" class="form-outline mb-3">
<label class="form-label font-weight-bold" for="pw2">Confirm your Password*</label>
<input pattern="[^\s]{<?php echo $VAL_USER->min_password.','.$VAL_USER->max_password;?>}" required
title="At least 8 not whitespace characters" name="password_confirm" type="password" id="pw2"
class="form-control <?php if(isset($error) && $error && !isset($_POST['password_confirm'])){echo 'border-danger';}?>"
- placeholder="********" oninput="validate_pw2(this)" />
- </div> <hr class="mt-2 mb-3" />
+ placeholder="********" oninput="check_password_match()" />
+ <div class="invalid-feedback">
+ Passwords do not match.
+ </div>
+ </div>
+ <hr class="mt-2 mb-3" />
<div class="form-outline mb-3">
<label class="form-label font-weight-bold" for="eula">End User License Agreement*</label>
<div class="form-group form-check">
@@ -163,13 +167,23 @@
});
}, false);
})();
- function validate_pw2(pw2) {
- if (pw2.value !== $("#pw1").val()) {
- pw2.setCustomValidity("Passwords do not match");
+
+ function check_password_match() {
+ pass = $("#pw1").val();
+ pass2 = $("#pw2").val();
+
+ if (pass2.length > 0) {
+ $("#pwconfirm")[0].classList.add('was-validated')
+ if (pass != pass2) {
+ $("#pw2")[0].setCustomValidity("Passwords do not match");
} else {
- pw2.setCustomValidity(""); // is valid
+ $("#pw2")[0].setCustomValidity(""); // is valid
}
+ } else {
+ $("#pwconfirm")[0].classList.remove('was-validated')
}
+ passUpdated();
+ }
TOO_SHORT ='Password too short, still %% characters needed';
TOO_LONG ='Password too long, please remove %% characters';
@@ -342,7 +356,7 @@
message=QUAL_GOOD;
else if (nScore >= 40)
message=QUAL_MEDIUM;
- else if (nScore >= 20)
+ else if (nScore >= 10)
message=QUAL_LOW;
else
message=QUAL_NONE;
diff --git a/validators.php b/validators.php
index 3b59616..821c391 100644
--- a/validators.php
+++ b/validators.php
@@ -108,7 +108,6 @@
include "config.php";
include $TEMPLATE . 'strings.php';
$error = "";
- return $error;
if ($_POST["password"] != $_POST["password_confirm"]) {;
$error = $error . $PASSWORD_VALIDATION_ERROR->no_match;
unset($_POST["password_confirm"]);