Meishin/LoginSystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add Password Regex

Browse Source
This commit is contained in:
Xephi 2014-07-25 01:30:52 +02:00
parent 73d5b6f753
commit a409c23679
5 changed files with 23 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -2,4 +2,5 @@
/bin/ /bin/
/.settings/ /.settings/
.classpath .classpath
.project .project
/target/

3
pom.xml
View File

@ -4,6 +4,9 @@
<artifactId>AuthMe</artifactId> <artifactId>AuthMe</artifactId>
<packaging>jar</packaging> <packaging>jar</packaging>
<name>AuthMe</name> <name>AuthMe</name>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<repositories> <repositories>
<repository> <repository>
<id>Bukkit</id> <id>Bukkit</id>

9
src/main/java/fr/xephi/authme/process/register/AsyncronousRegister.java
View File

@ -52,6 +52,15 @@ public class AsyncronousRegister {
allowRegister = false; allowRegister = false;
} }
String lowpass = password.toLowerCase();
if ((lowpass.contains("delete") || lowpass.contains("where")
|| lowpass.contains("insert") || lowpass.contains("modify") || lowpass.contains("from")
|| lowpass.contains("select") || lowpass.contains(";") || lowpass.contains("null"))
|| !lowpass.matches(Settings.getPassRegex)) {
m._(player, "password_error");
allowRegister = false;
}
if (database.isAuthAvailable(player.getName().toLowerCase())) { if (database.isAuthAvailable(player.getName().toLowerCase())) {
m._(player, "user_regged"); m._(player, "user_regged");
if (plugin.pllog.getStringList("players").contains(player.getName())) { if (plugin.pllog.getStringList("players").contains(player.getName())) {

8
src/main/java/fr/xephi/authme/settings/Settings.java
View File

@ -69,7 +69,8 @@ public final class Settings extends YamlConfiguration {
getcUnrestrictedName, getRegisteredGroup, messagesLanguage, getMySQLlastlocX, getMySQLlastlocY, getMySQLlastlocZ, getcUnrestrictedName, getRegisteredGroup, messagesLanguage, getMySQLlastlocX, getMySQLlastlocY, getMySQLlastlocZ,
rakamakUsers, rakamakUsersIp, getmailAccount, getmailPassword, getmailSMTP, getMySQLColumnId, getmailSenderName, rakamakUsers, rakamakUsersIp, getmailAccount, getmailPassword, getmailSMTP, getMySQLColumnId, getmailSenderName,
getMailSubject, getMailText, getMySQLlastlocWorld, defaultWorld, getMailSubject, getMailText, getMySQLlastlocWorld, defaultWorld,
getPhpbbPrefix, getWordPressPrefix, getMySQLColumnLogged, spawnPriority, crazyloginFileName; getPhpbbPrefix, getWordPressPrefix, getMySQLColumnLogged, spawnPriority, crazyloginFileName,
getPassRegex;
public static int getWarnMessageInterval, getSessionTimeout, getRegistrationTimeout, getMaxNickLength, public static int getWarnMessageInterval, getSessionTimeout, getRegistrationTimeout, getMaxNickLength,
getMinNickLength, getPasswordMinLen, getMovementRadius, getmaxRegPerIp, getNonActivatedGroup, getMinNickLength, getPasswordMinLen, getMovementRadius, getmaxRegPerIp, getNonActivatedGroup,
@ -246,6 +247,7 @@ public void loadConfigOptions() {
delayJoinMessage = configFile.getBoolean("settings.delayJoinMessage", false); delayJoinMessage = configFile.getBoolean("settings.delayJoinMessage", false);
noTeleport = configFile.getBoolean("settings.restrictions.noTeleport", false); noTeleport = configFile.getBoolean("settings.restrictions.noTeleport", false);
crazyloginFileName = configFile.getString("Converter.CrazyLogin.fileName", "accounts.db"); crazyloginFileName = configFile.getString("Converter.CrazyLogin.fileName", "accounts.db");
getPassRegex = configFile.getString("settings.restrictions.allowedPasswordCharacters","[a-zA-Z0-9_?!@+&-]*");
// Load the welcome message // Load the welcome message
getWelcomeMessage(plugin); getWelcomeMessage(plugin);
@ -407,6 +409,7 @@ public static void reloadConfigOptions(YamlConfiguration newConfig) {
delayJoinMessage = configFile.getBoolean("settings.delayJoinMessage", false); delayJoinMessage = configFile.getBoolean("settings.delayJoinMessage", false);
noTeleport = configFile.getBoolean("settings.restrictions.noTeleport", false); noTeleport = configFile.getBoolean("settings.restrictions.noTeleport", false);
crazyloginFileName = configFile.getString("Converter.CrazyLogin.fileName", "accounts.db"); crazyloginFileName = configFile.getString("Converter.CrazyLogin.fileName", "accounts.db");
getPassRegex = configFile.getString("settings.restrictions.allowedPasswordCharacters","[a-zA-Z0-9_?!@+&-]*");
// Reload the welcome message // Reload the welcome message
getWelcomeMessage(AuthMe.getInstance()); getWelcomeMessage(AuthMe.getInstance());
@ -523,6 +526,9 @@ public static void reloadConfigOptions(YamlConfiguration newConfig) {
set("Converter.CrazyLogin.fileName", "accounts.db"); set("Converter.CrazyLogin.fileName", "accounts.db");
changes = true; changes = true;
} }
if(!contains("settings.restrictions.allowedPasswordCharacters")) {
set("settings.restrictions.allowedPasswordCharacters", "[a-zA-Z0-9_?!@+&-]*");
}
if (changes) { if (changes) {
plugin.getLogger().warning("Merge new Config Options - I'm not an error, please don't report me"); plugin.getLogger().warning("Merge new Config Options - I'm not an error, please don't report me");

2
src/main/resources/config.yml
View File

@ -164,6 +164,8 @@ settings:
maxJoinPerIp: 0 maxJoinPerIp: 0
# AuthMe will NEVER teleport players ! # AuthMe will NEVER teleport players !
noTeleport: false noTeleport: false
# Regex sintax for allowed Char in player name.
allowedPasswordCharacters: '[a-zA-Z0-9_?!@+&-]*'
GameMode: GameMode:
# ForceSurvivalMode to player when join ? # ForceSurvivalMode to player when join ?
ForceSurvivalMode: false ForceSurvivalMode: false