function password_strength_strength in Password Strength 7
Same name and namespace in other branches
- 6.2 password_strength.module \password_strength_strength()
Gets Zxcvbn entropy and score for a password.
Parameters
string $password: Plain-text password to be measured.
object $account: Optional Drupal user account for additional contexts.
Return value
array Result array with keys: entropy - float score - int match_sequence - Array of Match objects from ZxcvbnPhp matches - Array with arrays of pattern data deduced from match_sequence percent - float
2 calls to password_strength_strength()
- password_strength_ajax_check in ./
password_strength.module - Menu callback for AJAX password check.
- _password_strength_calculate_strength in ./
password_strength.module - Internal helper gets pass and account from form and calls strength check.
File
- ./
password_strength.module, line 293 - Provides password controls, validation, and strength checker.
Code
function password_strength_strength($password, $account = NULL) {
global $user;
if (empty($account)) {
$account = $user;
}
// Get the required score needed for this account.
$score_required = password_strength_required_score($account);
// Return early if password matches email or account name.
$strength = array(
'entropy' => 0,
'score' => 0,
'score_required' => $score_required,
'percent' => 0,
'match_sequence' => array(),
'matches' => array(),
);
// Add a length matcher to add a message if the password
// is less then 7 characters.
if (strlen($password) < (int) variable_get('password_strength_default_password_length', 7)) {
$strength['matches'][] = array(
'pattern' => 'length',
'matched' => $password,
);
return $strength;
}
if (strtolower(trim(urldecode($password))) == $account->mail) {
$strength['matches'][] = array(
'pattern' => 'mail',
'matched' => $password,
);
return $strength;
}
if (strtolower(trim(urldecode($password))) == $account->name) {
$strength['matches'][] = array(
'pattern' => 'name',
'matched' => $password,
);
return $strength;
}
// Get password strength information from Zxcvbn.
$zxcvbn = new ZxcvbnPhp\Zxcvbn();
$strength = $zxcvbn
->passwordStrength($password);
$strength['score_required'] = $score_required;
$strength['matches'] = array();
// Determine whether score reaches the requirements.
if ($strength['score'] < $score_required) {
$strength['matches'][] = array(
'pattern' => 'score',
'matched' => $password,
);
}
// Determine which match sequences we can use to help the user
// on the front end when choosing a password. Filter out some
// of the stuff that wouldn't really make sense to the user.
foreach ($strength['match_sequence'] as $match) {
// Ignore patterns whose tokens are less then 3 characters,
// they're not very useful to show the user.
if (strlen($match->token) < 3) {
continue;
}
$strength['matches'][] = array(
'pattern' => password_strength_strength_pattern($match),
'matched' => $match->token,
);
}
// Calculate a percentage of the score based on the required score. This will
// be used to animate a strength bar on the front end. Make sure this value is
// between 0 and 100.
$strength['percent'] = round($strength['score'] / 4 * 100);
$strength['percent'] = $strength['percent'] >= 0 ? $strength['percent'] : 0;
$strength['percent'] = $strength['percent'] <= 100 ? $strength['percent'] : 100;
// Pass user account properties into checker.
return $strength;
}