vTiger Customizations – Part 3 – Enforcing strong passwords in the Customer Portal

This is a continuation from Part 2 – Enforcing strong passwords in vTiger.

I submitted the updates to the Trac site for vTiger as diff updates to the 5.2.0 code, which might be easier to use to update the code.

Implementing the enforcement of strong passwords in the vTiger Customer Portal is easy to do. Again, I’ll divide this up into 2 sections, the Front end (Javascript) code and the Back end (PHP) code:

1.) Customer Portal Front end password enforcement (Customer Portal Javascript)
2.) Customer Portal Back end password enforcement (Customer Portal PHP code)

1.) Customer Portal Front end password enforcement to vtiger/customerportal/MySettings.php –> F/E
Line: 134

-confirmpw = trim(form.confirm_password.value);

var passwordCheckRegex = new RegExp(“^(?=.{7,})(((?=.*[A-Z])(?=.*[a-z]))|((?=.*[A-Z])(?=.*[0-9]))|((?=.*[a-z])(?=.*[0-9]))).*$”, “g”);

-if(oldpw == ”)
-{

Line 149:

else if (passwordCheckRegex.test(trim(newpw)) == false) {
alert(“Password not strong enough. Please enter a password 8 characters or more, 1 upper case letter, 1 lower case letter and 1 number”);
return false;
}

2.) Customer Portal Back end password enforecment in vtigercrm/customerportal/HelpDesk/Utils.php –> B/E
Line: 115

-if(strcasecmp($newpw,$confirmpw) == 0)
-{

if (preg_match(‘/^(?=.{7,})(((?=.*[A-Z])(?=.*[a-z]))|((?=.*[A-Z])(?=.*[0-9]))|((?=.*[a-z])(?=.*[0-9]))).*$/’, $newpw, $matches) >= 1) {

-$customerid = $result[0][‘id’];
-// $customerid = $_SESSION[‘customer_id’];
-$sessionid = $_SESSION[‘customer_sessionid’];

… // WRAP THE IF AROUND THE PASSWORD UPDATE CODE

}
else
{
$errormsg .= ‘Password not strong enough. Please enter a password 8 characters or more, 1 upper case letter, 1 lower case letter and 1 number’;
}

-}
-else
-{
-$errormsg .= getTranslatedString(‘MSG_ENTER_NEW_PASSWORDS_SAME’);
-}

NOTE: As I stated in the last post, I did not create this regex. I used the medium regex created found by Doug in his post found here.

Now, you can rest a little better knowing that your customers are using strong passwords on your Customer Portal site. I hope you found this helpful!

Resources: Check Password Strength with Javascript and Regular Expressions

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this:
search previous next tag category expand menu location phone mail time cart zoom edit close