function _prod_check_user_pass in Production check & Production monitor 6
Same name and namespace in other branches
- 7 prod_check.module \_prod_check_user_pass()
File
- ./
prod_check.module, line 1271
Code
function _prod_check_user_pass($caller = 'internal') {
$check = array();
$secure = TRUE;
$list = '';
$title = 'User passwords';
$path = '';
if ($caller != 'internal') {
$path = PRODCHECK_BASEURL;
}
// Be sure to omit the anonymous user with id 0.
$result = db_query('SELECT uid, name FROM {users} WHERE uid <> 0 AND status = 1 AND MD5(name) = pass');
while ($row = db_fetch_array($result)) {
$list .= l($row['name'], $path . 'user/' . $row['uid'] . '/edit', array(
'attributes' => array(
'title' => t('Edit user') . ' ' . $row['name'],
),
'query' => drupal_get_destination(),
)) . ', ';
}
if (!empty($list)) {
$secure = FALSE;
// Remove last comma and space.
$list = rtrim($list, ', ');
}
$check['prod_check_user_pass'] = array(
'#title' => t($title),
'#state' => $secure,
'#severity' => $caller == 'nagios' ? NAGIOS_STATUS_CRITICAL : PROD_CHECK_REQUIREMENT_ERROR,
'#value_ok' => t('Secure'),
'#value_nok' => t('Security risk!'),
'#description_ok' => t('No security risk found.'),
'#description_nok' => t('Some users have a password that is identical to their username! You should check the following users:' . ' ' . $list . '.'),
'#nagios_key' => 'USRBD',
'#nagios_type' => 'state',
);
return prod_check_execute_check($check, $caller);
}