Check password strengh in ChangePasswordCommand too

2025-04-12 06:56:44 +02:00 · 2015-06-11 01:13:53 +02:00 · 2015-06-11 01:13:53 +02:00 · de2961b754
commit de2961b754
parent aa957cc7c9
1 changed files with 5 additions and 0 deletions
--- a/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
+++ b/src/main/java/fr/xephi/authme/commands/ChangePasswordCommand.java
@ -53,6 +53,11 @@ public class ChangePasswordCommand implements CommandExecutor {
            return true;
        }

+        String lowpass = args[1].toLowerCase();
+        if ((lowpass.contains("delete") || lowpass.contains("where") || lowpass.contains("insert") || lowpass.contains("modify") || lowpass.contains("from") || lowpass.contains("select") || lowpass.contains(";") || lowpass.contains("null")) || !lowpass.matches(Settings.getPassRegex)) {
+            m.send(player, "password_error");
+            return true;
+        }
        try {
            String hashnew = PasswordSecurity.getHash(Settings.getPasswordHash, args[1], name);