remove password-suggestion if a custom regex is defined; added password-complexity-settings for non-regex users to define what generated passwords should contain, thx to Marco Vogt; fixes #1216

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

lib/functions/validate/function.validatePassword.php

@@ -30,7 +30,7 @@ function validatePassword($password = null) {
 	
 	if (Settings::Get('panel.password_min_length') > 0) {
 		$password = validate(
-			$password, 
+			$password,
 			Settings::Get('panel.password_min_length'),
 			'/^.{'.(int)Settings::Get('panel.password_min_length').',}$/D',
 			'notrequiredpasswordlength'
@@ -39,11 +39,44 @@ function validatePassword($password = null) {
 	
 	if (Settings::Get('panel.password_regex') != '') {
 		$password = validate(
-			$password, 
+			$password,
 			Settings::Get('panel.password_regex'),
 			Settings::Get('panel.password_regex'),
 			'notrequiredpasswordcomplexity'
 		);
+	} else {
+		if (Settings::Get('panel.password_alpha_lower')) {
+			$password = validate(
+				$password,
+				'/.*[a-z]+.*/',
+				'/.*[a-z]+.*/',
+				'notrequiredpasswordcomplexity'
+			);
+		}
+		if (Settings::Get('panel.password_alpha_upper')) {
+			$password = validate(
+				$password,
+				'/.*[A-Z]+.*/',
+				'/.*[A-Z]+.*/',
+				'notrequiredpasswordcomplexity'
+			);
+		}
+		if (Settings::Get('panel.password_numeric')) {
+			$password = validate(
+				$password,
+				'/.*[0-9]+.*/',
+				'/.*[0-9]+.*/',
+				'notrequiredpasswordcomplexity'
+			);
+		}
+		if (Settings::Get('panel.password_special_char_required')) {
+			$password = validate(
+				$password,
+				'/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/',
+				'/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/',
+				'notrequiredpasswordcomplexity'
+			);
+		}
 	}
 	
 	return $password;