5 лет назад · dbfa4e93f9
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 
				 
			
 
				 [Hestia Control Panel](https://www.hestiacp.com/)
			
 
				 ==================================================
			
 
				-**Latest stable release:** Version 1.2.1 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md)<br>
			
 
				+**Latest stable release:** Version 1.2.2 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md)<br>
			
 
				 
			
 
				 **Web:** [www.hestiacp.com](https://www.hestiacp.com/)<br>
			
 
				 **Documentation:** [docs.hestiacp.com](https://docs.hestiacp.com/)<br>
			
--- a/web/add/db/index.php
+++ b/web/add/db/index.php
@@ -42,7 +42,7 @@ if (!empty($_POST['ok'])) {
 
				 
			
 
				     // Check password length
			
 
				     if (empty($_SESSION['error_msg'])) {
			
 
				-        if (!preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$/', $_POST['v_password'])) { $_SESSION['error_msg'] = __('Password does not match the minimum requirements'); }
			
 
				+         if (!validate_password($_POST['v_password'])) { $_SESSION['error_msg'] = __('Password does not match the minimum requirements');}
			
 
				     }
			
 
				 
			
 
				     // Protect input
			
--- a/web/add/mail/index.php
+++ b/web/add/mail/index.php
@@ -123,7 +123,7 @@ if (!empty($_POST['ok_acc'])) {
 
				     
			
 
				     // Check password length
			
 
				     if (empty($_SESSION['error_msg']) && !empty($_POST['v_fwd_only']) ) {
			
 
				-        if (!preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$/', $_POST['v_password'])) { $_SESSION['error_msg'] = __('Password does not match the minimum requirements'); }
			
 
				+        if (!validate_password($_POST['v_password'])) { $_SESSION['error_msg'] = __('Password does not match the minimum requirements');}
			
 
				     }
			
 
				 
			
 
				     // Protect input
			
--- a/web/add/user/index.php
+++ b/web/add/user/index.php
@@ -45,7 +45,7 @@ if (!empty($_POST['ok'])) {
 
				 
			
 
				     // Check password length
			
 
				     if (empty($_SESSION['error_msg'])) {
			
 
				-        if (!preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$/', $_POST['v_password'])) { $_SESSION['error_msg'] = __('Password does not match the minimum requirements'); }
			
 
				+        if (!validate_password($_POST['v_password'])) { $_SESSION['error_msg'] = __('Password does not match the minimum requirements'); }
			
 
				     }
			
 
				 
			
 
				     // Protect input
			
--- a/web/edit/db/index.php
+++ b/web/edit/db/index.php
@@ -63,8 +63,8 @@ if (!empty($_POST['save'])) {
 
				 
			
 
				     // Change database password
			
 
				     if ((!empty($_POST['v_password'])) && (empty($_SESSION['error_msg']))) {
			
 
				-        if (!preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$/', $_POST['v_password'])) { 
			
 
				-            $_SESSION['error_msg'] = __('Password does not match the minimum requirements'); 
			
 
				+        if (!validate_password($_POST['v_password'])) { 
			
 
				+             $_SESSION['error_msg'] = __('Password does not match the minimum requirements');
			
 
				         }else{ 
			
 
				             $v_password = tempnam("/tmp","vst");
			
 
				             $fp = fopen($v_password, "w");
			
--- a/web/edit/mail/index.php
+++ b/web/edit/mail/index.php
@@ -398,8 +398,8 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco
 
				 
			
 
				     // Change password
			
 
				     if ((!empty($_POST['v_password'])) && (empty($_SESSION['error_msg']))) {
			
 
				-        if (!preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$/', $_POST['v_password'])) { 
			
 
				-            $_SESSION['error_msg'] = __('Password does not match the minimum requirements'); 
			
 
				+        if (!validate_password($_POST['v_password'])) { 
			
 
				+            $_SESSION['error_msg'] = __('Password does not match the minimum requirements');
			
 
				         }else{         
			
 
				             $v_password = tempnam("/tmp","vst");
			
 
				             $fp = fopen($v_password, "w");
			
--- a/web/edit/user/index.php
+++ b/web/edit/user/index.php
@@ -100,7 +100,9 @@ if (!empty($_POST['save'])) {
 
				     if ((!empty($_POST['v_password'])) && (empty($_SESSION['error_msg']))) {
			
 
				         // Check password length
			
 
				         $pw_len = strlen($_POST['v_password']);
			
 
				-        if (!preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$/', $_POST['v_password'])) { $_SESSION['error_msg'] = __('Password does not match the minimum requirements'); }
			
 
				+        if (!validate_password($_POST['v_password'])) { 
			
 
				+            $_SESSION['error_msg'] = __('Password does not match the minimum requirements');
			
 
				+        } 
			
 
				         if (empty($_SESSION['error_msg'])) {
			
 
				             $v_password = tempnam("/tmp","vst");
			
 
				             $fp = fopen($v_password, "w");
			
--- a/web/inc/main.php
+++ b/web/inc/main.php
@@ -385,3 +385,11 @@ function backendtpl_with_webdomains() {
 
				     }
			
 
				     return $backend_list;
			
 
				 }
			
 
				+/**
			
 
				+ * Check if password is valid
			
 
				+ *
			
 
				+ * @return int; 1 / 0
			
 
				+ */
			
 
				+function validate_password($password){
			
 
				+    return preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(.){8,}$/', $password);
			
 
				+}