0ct0pu5/forkbb
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Set maximum passphrase length 100000 characters

Browse source 
Protection against possible overflow and DoS.
This commit is contained in:
Visman 2021-03-24 19:56:21 +07:00
parent f73e8d05c5
commit 5435a1cd51
6 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/Models/Pages/Admin/Users/Action.php
View file

@ -247,7 +247,7 @@ class Action extends Users
$user->isAdmin
|| $user->id === $this->user->id
) {
$rulePass = 'required|string:trim|check_password';
$rulePass = 'required|string:trim|max:100000|check_password';
}
} else {
$link = $this->c->Router->link('AdminUsers');

2
app/Models/Pages/Admin/Users/NewUser.php
View file

@ -34,7 +34,7 @@ class NewUser extends Users
'token' => 'token:AdminUsersNew',
'email' => 'required|string:trim|email:noban,unique',
'username' => 'required|string:trim|username',
'password' => 'required|string|min:16|password',
'password' => 'required|string|min:16|max:100000|password',
])->addAliases([
'email' => 'Email',
'username' => 'Username',

4
app/Models/Pages/Auth.php
View file

@ -61,7 +61,7 @@ class Auth extends Page
'token' => 'token:Login',
'redirect' => 'required|referer:Index',
'username' => 'required|string',
'password' => 'required|string|login_check',
'password' => 'required|string|max:100000|login_check',
'save' => 'checkbox',
'login' => 'required|string',
])->addAliases([
@ -382,7 +382,7 @@ class Auth extends Page
$v = $this->c->Validator->reset()
->addRules([
'token' => 'token:ChangePassword',
'password' => 'required|string|min:16|password',
'password' => 'required|string|min:16|max:100000|password',
'password2' => 'required|same:password',
'submit' => 'required|string',
])->addAliases([

2
app/Models/Pages/Profile/Email.php
View file

@ -70,7 +70,7 @@ class Email extends Profile
'check_password' => [$this, 'vCheckPassword'],
])->addRules([
'token' => 'token:EditUserEmail',
'password' => 'required|string:trim|check_password',
'password' => 'required|string:trim|max:100000|check_password',
'new_email' => 'required|string:trim|email',
'submit' => 'required|string',
])->addAliases([

4
app/Models/Pages/Profile/Pass.php
View file

@ -40,8 +40,8 @@ class Pass extends Profile
'check_password' => [$this, 'vCheckPassword'],
])->addRules([
'token' => 'token:EditUserPass',
'password' => 'required|string:trim|check_password',
'new_pass' => 'required|string:trim|password',
'password' => 'required|string:trim|max:100000|check_password',
'new_pass' => 'required|string:trim|min:16|max:100000|password',
'submit' => 'required|string',
])->addAliases([
'new_pass' => 'New pass',

2
app/Models/Pages/Register.php
View file

@ -34,7 +34,7 @@ class Register extends Page
'on' => 'integer',
'email' => 'required_with:on|string:trim|email:noban',
'username' => 'required_with:on|string:trim|username',
'password' => 'required_with:on|string|min:16|password',
'password' => 'required_with:on|string|min:16|max:100000|password',
'register' => 'required|string',
])->addAliases([
'email' => 'Email',