Add htconfig setting to disable password_exposed()

Hypolite Petovan 2018-03-21 02:35:28 -04:00
parent 701fd41463
commit 5b4fb945a2
2 changed files with 2 additions and 1 deletions


@ -41,6 +41,7 @@ Example: To set the automatic database cleanup process add this line to your .ht
* **diaspora_test** (Boolean) - For development only. Disables the message transfer.
* **disable_email_validation** (Boolean) - Disables the check if a mail address is in a valid format and can be resolved via DNS.
* **disable_url_validation** (Boolean) - Disables the DNS lookup of an URL.
* **disable_password_exposed** (Boolean) - Disable the exposition check against the remote haveibeenpwned API on password change. Default value is false.
* **dlogfile - location of the developer log file
* **dlogip - restricts develop log writes to requests originating from this IP address
* **frontend_worker_timeout** - Value in minutes after we think that a frontend task was killed by the webserver. Default value is 10.
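Review bot: the new disable_password_exposed entry says "Disable the exposition check", while the neighbouring entries are phrased "Disables ..." and "exposure" is the usual word for this; suggest "Disables the exposure check against the remote haveibeenpwned API on password change." It would also help to state the consequence for the admin: with this set to true, a new password that appears in a public data dump is accepted without any notice.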


@ -390,7 +390,7 @@ function settings_post(App $a)
$err = true;
}
if (User::isPasswordExposed($newpass)) {
if (!$a->getConfigValue('system', 'disable_password_exposed', false) && User::isPasswordExposed($newpass)) {
notice(L10n::t('The new password has been exposed in a public data dump, please choose another.') . EOL);
$err = true;
}
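Review bot: the setting is tested only at this call site in settings_post(), not inside User::isPasswordExposed(), so any other caller of that method would still query the remote API with the setting enabled. The commit changes two files, the documentation and this one, so the method itself is untouched; consider moving the getConfigValue('system', 'disable_password_exposed', false) test into User::isPasswordExposed() and returning false there when the check is disabled, which also matches the commit title. The operand order is right as written: the config test comes first, so the remote lookup is skipped when the check is turned off.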