From d6d4fb47489a362c031e00d765e31bd7dc03cf78 Mon Sep 17 00:00:00 2001
From: Christian Boltz <postfixadmin@cboltz.de>
Date: Sun, 25 Sep 2011 18:53:58 +0000
Subject: [PATCH] functions.inc.php - create_admin() - check password with
 validate_password() - cleanup the handling of the success message

This fixes 50% of
https://sourceforge.net/tracker/?func=detail&aid=1951979&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1193 a1433add-5e2c-0410-b055-b7f2511e0802
---
 functions.inc.php | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/functions.inc.php b/functions.inc.php
index 6b2d7850..102bc43b 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -2277,15 +2277,23 @@ function create_admin($fUsername, $fPassword, $fPassword2, $fDomains, $no_genera
         $pAdminCreate_admin_username_text_error = $PALANG['pAdminCreate_admin_username_text_error2'];
     }
 
+    $generated_password = 0;
     if (empty ($fPassword) or empty ($fPassword2) or ($fPassword != $fPassword2)) {
         if (empty ($fPassword) and empty ($fPassword2) and $CONF['generate_password'] == "YES" && $no_generate_password == 0) {
             $fPassword = generate_password ();
+            $generated_password = 1;
         } else {
             $error = 1;
             $pAdminCreate_admin_password_text_error = $PALANG['pAdminCreate_admin_password_text_error'];
         }
     }
 
+    $validpass = validate_password($fPassword);
+    if(count($validpass) > 0 && $generated_password == 0) { # skip this check for generated passwords
+        $pAdminCreate_admin_password_text_error = $validpass[0]; # TODO: honor all error messages, not only the first one
+        $error = 1;
+    }
+
     if ($error != 1) {
         $password = pacrypt($fPassword);
         // $pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
@@ -2309,15 +2317,10 @@ function create_admin($fUsername, $fPassword, $fPassword2, $fDomains, $no_genera
                 }
             }
             $pAdminCreate_admin_message = $PALANG['pAdminCreate_admin_result_success'] . "<br />($fUsername";
-            if ($CONF['generate_password'] == "YES" && $no_generate_password == 0) {
-                $pAdminCreate_admin_message .= " / $fPassword)</br />";
-            } else {
-                if ($CONF['show_password'] == "YES" && $no_generate_password == 0) {
-                    $pAdminCreate_admin_message .= " / $fPassword)</br />";
-                } else {
-                    $pAdminCreate_admin_message .= ")</br />";
-                }
+            if ($CONF['show_password'] == "YES" || $generated_password == 1) {
+                $pAdminCreate_admin_message .= " / $fPassword";
             }
+            $pAdminCreate_admin_message .= ")</br />";
         }
     }