PHP Velho Oeste 2024
    Edit Report a Bug

    crack_check

    (PECL crack >= 0.1)

    crack_checkFaz uma conferencia obscura com a senha indicada

    Descrição

    crack_check ( resource $dictionary , string $password ) : bool
    crack_check ( string $password ) : bool

    Realiza uma conferencia obscura com o password dado no dicionário especificado.

    Aviso

    Esta função é EXPERIMENTAL. O comportamento, seu nome e documentação podem mudar sem aviso em futuras versões do PHP. Utilize por sua própria conta e risco.

    Parâmetros

    dictionary

    O dicionário crack lib. Se não for especificado, o último dicionário aberto é usado.

    password

    O password testado.

    Valor Retornado

    Retorna TRUE se password é forte, ou FALSE se não for.

    add a note add a note

    User Contributed Notes 2 notes

    up
    -4
    Anonymous
    14 years ago
    In addition to the usual checks crack can also check for similarities between the password and a username and gecos field (the gecos field normally contains the person's full name on unix systems).

    There is a third format for the function call which supplies these additional parameters:

    bool crack_check (string $password, string $username, string $gecos, resource $dictionary)

    This is true of PECL crack version 0.4, I'm not sure about earlier versions.
    up
    -7
    vkontakte at mralston dot com
    14 years ago
    If you need to test a password with cracklib but don't have the necessary module available in PHP, you can use a function like this.
    It requires the command line cracklib-check binary in /usr/sbin, but changing its location is trivial.
    The $message variable will contain cracklib's complaint (if there is one)
    You'll want to wrap your invocation of this function in a try...catch block.

    <?php
    function cracklibCheck($password, &$message)
    {
            // Clean up password
            $password=str_replace("\r", "", $password);
            $password=str_replace("\n", "", $password);

            // Run password through cracklib-check
            exec("echo ".escapeshellarg($password)." | /usr/sbin/cracklib-check 2>/dev/null", $output, $return_var);
       
            // Check it ran properly
            if($return_var==0)
        {
            if(    preg_match("/^.*\: ([^:]+)$/", $output[0], $matches))
            {
                    // Check response
                    if(strtoupper($matches[1])=="OK")
                {
                        // Password is strong
                        $message="";
                    return(    true);
                }
                else
                {
                        // Cracklib doesn't like it
                        $message=$matches[1];
                    return(    false);
                }
            }
            else
            {
                    // Badly formatted response from cracklib-check.
                    throw new Exception("Didn't understand cracklib-check response.");
            }
        }
        else
        {
                // Some sort of execution error
                throw new Exception("Failed to run cracklib-check.");
        }
    }
    ?>
    add a note add a note
    To Top