mirror of
https://github.com/WordPress/WordPress.git
synced 2024-09-27 06:42:56 +02:00
Users: Check zxcvbn is defined before calling.
Prevents JavaScript errors by checking zxcvbn is defined before calling. Changes `wp.passwordStrength.meter()` to return `-1` if the strength of the password is unknown. On the user profile screen, `generatePassword()` checks if the user has entered the password before setting the value of the password input box. Props peterwilsoncc, adamsilverstein. Fixes #34905. Built from https://develop.svn.wordpress.org/trunk@37940 git-svn-id: http://core.svn.wordpress.org/trunk@37881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Peter Wilson
parent
8aa1c37590
commit
26c07ed8d9
@ -18,6 +18,11 @@ var passwordStrength;
|
||||
if (password1 != password2 && password2 && password2.length > 0)
|
||||
return 5;
|
||||
|
||||
if ( 'undefined' === typeof window.zxcvbn ) {
|
||||
// Password strength unknown.
|
||||
return -1;
|
||||
}
|
||||
|
||||
var result = zxcvbn( password1, blacklist );
|
||||
return result.score;
|
||||
},
|
||||
|
||||
2
wp-admin/js/password-strength-meter.min.js
vendored
2
wp-admin/js/password-strength-meter.min.js
vendored
@ -1 +1 @@
|
||||
window.wp=window.wp||{};var passwordStrength;!function(a){wp.passwordStrength={meter:function(b,c,d){if(a.isArray(c)||(c=[c.toString()]),b!=d&&d&&d.length>0)return 5;var e=zxcvbn(b,c);return e.score},userInputBlacklist:function(){var b,c,d,e,f=[],g=[],h=["user_login","first_name","last_name","nickname","display_name","email","url","description","weblog_title","admin_email"];for(f.push(document.title),f.push(document.URL),c=h.length,b=0;c>b;b++)e=a("#"+h[b]),0!==e.length&&(f.push(e[0].defaultValue),f.push(e.val()));for(d=f.length,b=0;d>b;b++)f[b]&&(g=g.concat(f[b].replace(/\W/g," ").split(" ")));return g=a.grep(g,function(b,c){return""===b||4>b.length?!1:a.inArray(b,g)===c})}},passwordStrength=wp.passwordStrength.meter}(jQuery);
|
||||
window.wp=window.wp||{};var passwordStrength;!function(a){wp.passwordStrength={meter:function(b,c,d){if(a.isArray(c)||(c=[c.toString()]),b!=d&&d&&d.length>0)return 5;if("undefined"==typeof window.zxcvbn)return-1;var e=zxcvbn(b,c);return e.score},userInputBlacklist:function(){var b,c,d,e,f=[],g=[],h=["user_login","first_name","last_name","nickname","display_name","email","url","description","weblog_title","admin_email"];for(f.push(document.title),f.push(document.URL),c=h.length,b=0;c>b;b++)e=a("#"+h[b]),0!==e.length&&(f.push(e[0].defaultValue),f.push(e.val()));for(d=f.length,b=0;d>b;b++)f[b]&&(g=g.concat(f[b].replace(/\W/g," ").split(" ")));return g=a.grep(g,function(b,c){return""===b||4>b.length?!1:a.inArray(b,g)===c})}},passwordStrength=wp.passwordStrength.meter}(jQuery);
|
||||
@ -30,20 +30,30 @@
|
||||
function generatePassword() {
|
||||
if ( typeof zxcvbn !== 'function' ) {
|
||||
setTimeout( generatePassword, 50 );
|
||||
} else {
|
||||
return;
|
||||
} else if ( ! $pass1.val() ) {
|
||||
// zxcvbn loaded before user entered password.
|
||||
$pass1.val( $pass1.data( 'pw' ) );
|
||||
$pass1.trigger( 'pwupdate' ).trigger( 'wp-check-valid-field' );
|
||||
if ( 1 !== parseInt( $toggleButton.data( 'start-masked' ), 10 ) ) {
|
||||
$pass1Wrap.addClass( 'show-password' );
|
||||
} else {
|
||||
$toggleButton.trigger( 'click' );
|
||||
}
|
||||
$pass1.trigger( 'pwupdate' );
|
||||
showOrHideWeakPasswordCheckbox();
|
||||
}
|
||||
else {
|
||||
// zxcvbn loaded after the user entered password, check strength.
|
||||
check_pass_strength();
|
||||
showOrHideWeakPasswordCheckbox();
|
||||
}
|
||||
|
||||
if ( 1 !== parseInt( $toggleButton.data( 'start-masked' ), 10 ) ) {
|
||||
$pass1Wrap.addClass( 'show-password' );
|
||||
} else {
|
||||
$toggleButton.trigger( 'click' );
|
||||
}
|
||||
|
||||
// Once zxcvbn loads, passwords strength is known.
|
||||
$( '#pw-weak-text-label' ).html( userProfileL10n.warnWeak );
|
||||
}
|
||||
|
||||
function bindPass1() {
|
||||
var passStrength = $('#pass-strength-result')[0];
|
||||
|
||||
currentPass = $pass1.val();
|
||||
|
||||
$pass1Wrap = $pass1.parent();
|
||||
@ -82,19 +92,7 @@
|
||||
$pass1Text.val( currentPass );
|
||||
}
|
||||
$pass1.add( $pass1Text ).removeClass( 'short bad good strong' );
|
||||
|
||||
if ( passStrength.className ) {
|
||||
$pass1.add( $pass1Text ).addClass( passStrength.className );
|
||||
if ( 'short' === passStrength.className || 'bad' === passStrength.className ) {
|
||||
if ( ! $weakCheckbox.prop( 'checked' ) ) {
|
||||
$submitButtons.prop( 'disabled', true );
|
||||
}
|
||||
$weakRow.show();
|
||||
} else {
|
||||
$submitButtons.prop( 'disabled', false );
|
||||
$weakRow.hide();
|
||||
}
|
||||
}
|
||||
showOrHideWeakPasswordCheckbox();
|
||||
} );
|
||||
}
|
||||
|
||||
@ -289,6 +287,9 @@
|
||||
strength = wp.passwordStrength.meter( pass1, wp.passwordStrength.userInputBlacklist(), pass1 );
|
||||
|
||||
switch ( strength ) {
|
||||
case -1:
|
||||
$( '#pass-strength-result' ).addClass( 'bad' ).html( pwsL10n.unknown );
|
||||
break;
|
||||
case 2:
|
||||
$('#pass-strength-result').addClass('bad').html( pwsL10n.bad );
|
||||
break;
|
||||
@ -306,6 +307,23 @@
|
||||
}
|
||||
}
|
||||
|
||||
function showOrHideWeakPasswordCheckbox() {
|
||||
var passStrength = $('#pass-strength-result')[0];
|
||||
|
||||
if ( passStrength.className ) {
|
||||
$pass1.add( $pass1Text ).addClass( passStrength.className );
|
||||
if ( 'short' === passStrength.className || 'bad' === passStrength.className ) {
|
||||
if ( ! $weakCheckbox.prop( 'checked' ) ) {
|
||||
$submitButtons.prop( 'disabled', true );
|
||||
}
|
||||
$weakRow.show();
|
||||
} else {
|
||||
$submitButtons.prop( 'disabled', false );
|
||||
$weakRow.hide();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$(document).ready( function() {
|
||||
var $colorpicker, $stylesheet, user_id, current_user_id,
|
||||
select = $( '#display_name' );
|
||||
|
||||
2
wp-admin/js/user-profile.min.js
vendored
2
wp-admin/js/user-profile.min.js
vendored
File diff suppressed because one or more lines are too long
@ -531,7 +531,7 @@ if ( $show_password_fields = apply_filters( 'show_password_fields', true, $profi
|
||||
<td>
|
||||
<label>
|
||||
<input type="checkbox" name="pw_weak" class="pw-checkbox" />
|
||||
<?php _e( 'Confirm use of weak password' ); ?>
|
||||
<span id="pw-weak-text-label"><?php _e( 'Confirm use of potentially weak password' ); ?></span>
|
||||
</label>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
@ -380,6 +380,7 @@ function wp_default_scripts( &$scripts ) {
|
||||
|
||||
$scripts->add( 'password-strength-meter', "/wp-admin/js/password-strength-meter$suffix.js", array( 'jquery', 'zxcvbn-async' ), false, 1 );
|
||||
did_action( 'init' ) && $scripts->localize( 'password-strength-meter', 'pwsL10n', array(
|
||||
'unknown' => _x( 'Password strength unknown', 'password strength' ),
|
||||
'short' => _x( 'Very weak', 'password strength' ),
|
||||
'bad' => _x( 'Weak', 'password strength' ),
|
||||
'good' => _x( 'Medium', 'password strength' ),
|
||||
@ -390,6 +391,7 @@ function wp_default_scripts( &$scripts ) {
|
||||
$scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter', 'wp-util' ), false, 1 );
|
||||
did_action( 'init' ) && $scripts->localize( 'user-profile', 'userProfileL10n', array(
|
||||
'warn' => __( 'Your new password has not been saved.' ),
|
||||
'warnWeak' => __( 'Confirm use of weak password.' ),
|
||||
'show' => __( 'Show' ),
|
||||
'hide' => __( 'Hide' ),
|
||||
'cancel' => __( 'Cancel' ),
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '4.6-beta1-37937';
|
||||
$wp_version = '4.6-beta1-37940';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user