mirror of
https://github.com/AuthMe/AuthMeReloaded.git
synced 2024-10-16 23:35:02 +02:00
PW lenght and unsafe PW check to ChangePassword
I told you, you missed it! Also, unified "lowpass.equalsIgnoreCase(name)" to the previous group of checks. This, however, still provides "Password doesn't match" error, instead of one proper error.
This commit is contained in:
parent
f3c2967e83
commit
0b1490bd65
@ -54,14 +54,20 @@ public class ChangePasswordCommand implements CommandExecutor {
|
|||||||
}
|
}
|
||||||
|
|
||||||
String lowpass = args[1].toLowerCase();
|
String lowpass = args[1].toLowerCase();
|
||||||
if ((lowpass.contains("delete") || lowpass.contains("where") || lowpass.contains("insert") || lowpass.contains("modify") || lowpass.contains("from") || lowpass.contains("select") || lowpass.contains(";") || lowpass.contains("null")) || !lowpass.matches(Settings.getPassRegex)) {
|
if ((lowpass.contains("delete") || lowpass.contains("where") || lowpass.contains("insert") || lowpass.contains("modify") || lowpass.contains("from") || lowpass.contains("select") || lowpass.contains(";") || lowpass.contains("null")) || !lowpass.matches(Settings.getPassRegex) || lowpass.equalsIgnoreCase(name)) {
|
||||||
m.send(player, "password_error");
|
m.send(player, "password_error");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
if (lowpass.equalsIgnoreCase(name)) {
|
if (lowpass.length() < Settings.getPasswordMinLen || lowpass.length() > Settings.passwordMaxLength) {
|
||||||
m.send(player, "password_error");
|
m.send(player, "pass_len");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
if (!Settings.unsafePasswords.isEmpty()) {
|
||||||
|
if (Settings.unsafePasswords.contains(lowpass)) {
|
||||||
|
m.send(player, "password_error");
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
try {
|
try {
|
||||||
String hashnew = PasswordSecurity.getHash(Settings.getPasswordHash, args[1], name);
|
String hashnew = PasswordSecurity.getHash(Settings.getPasswordHash, args[1], name);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user