Bug 10177 rejects password with leading or trailing whitespaces, but
only on the member-password page.
It's not consistent to only do this check on 1 place.
This patch adds the check for the 2 other places: memberentry and at the
OPAC.
Test plan:
1/ Edit a patron and set a password with leading and/or trailing
whitespaces. You should not be allowed to do it (no server side check).
2/ Same at the OPAC ("Change you password" tab). Here there is a server
side check.
Followed test plan. Works as expected.
Signed-off-by: Marc VĂ©ron <veron@veron.ch>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
(cherry picked from commit
1b8f3194e9f616f46260c849eda5a9f6c717d5fa)
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
(cherry picked from commit
a19c1257eb9a91426b42b7bad94f211cd9f046a4)
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
}
//end function
+function check_password( password ) {
+ if ( password.match(/^\s/) || password.match(/\s$/)) {
+ return false;
+ }
+ return true;
+}
// function to test all fields in forms and nav in different forms(1 ,2 or 3)
function check_form_borrowers(nav){
statut=1;
}
+ if ( ! check_password( document.form.password.value ) ) {
+ message_champ += MSG_PASSWORD_CONTAINS_TRAILING_SPACES;
+ statut = 1;
+ }
+
//patrons form to test if you checked no to the question of double
if (statut!=1 && document.form.check_member.value > 0 ) {
if (!(document.form_double.answernodouble.checked)){
<script type="text/JavaScript">
//<![CDATA[
$(document).ready(function() {
+ var MSG_PASSWORD_CONTAINS_TRAILING_SPACES = _("Password contains leading and/or trailing spaces.");
$("#changepasswordf").submit(function(){
if($("input[name='newpassword']").val() != $("input[name='newpassword2']").val()){
alert(_("Passwords do not match"));
return false;
} else {
- if ($("input[name='newpassword']").val().match(/^\s/) || $("input[name='newpassword']").val().match(/\s$/)) {
- alert(_("Password contains leading and/or trailing spaces."));
+ if ( ! check_password( $("input[name='newpassword']").val() ) ) {
+ alert(MSG_PASSWORD_CONTAINS_TRAILING_SPACES);
return false;
} else {
return true;
var MSG_LATE_EXPIRY = _("Warning: Expiration date falls before enrollment date");
var MSG_DUPLICATE_SUSPICION = _("Please confirm whether this is a duplicate patron");
var MSG_PASSWORD_MISMATCH = _("The passwords entered do not match");
+ var MSG_PASSWORD_CONTAINS_TRAILING_SPACES = _("Password contains leading and/or trailing spaces.");
//]]>
</script>
<script type="text/javascript" src="[% themelang %]/js/members.js"></script>
[% IF ( WrongPass ) %]
Your current password was entered incorrectly. If this problem persists, please ask a librarian to re-set your password for you.
[% END %]
+ [% IF PasswordContainsTrailingSpaces %]
+ Your password contains leading and/or trailing spaces.
+ [% END %]
</p>
</div>
[% END # /IF Error_messages %]
&& $query->param('Confirm') )
{
if ( goodkey( $dbh, $borrowernumber, $query->param('Oldkey') ) ) {
- if ( $query->param('Newkey') eq $query->param('Confirm')
+ if ( $query->param('Newkey') =~ m|^\s+| or $query->param('Newkey') =~ m|\s+$| ) {
+ $template->param(
+ Error_messages => 1,
+ PasswordContainsTrailingSpaces => 1,
+ );
+ }
+ elsif ( $query->param('Newkey') eq $query->param('Confirm')
&& length( $query->param('Confirm') ) >= $minpasslen )
{ # Record password
my $clave = hash_password( $query->param('Newkey') );