- Модуль: security
- Путь к файлу: ~/bitrix/modules/security/classes/general/tests/user.php
- Класс: CSecurityUserTest
- Вызов: CSecurityUserTest::check
public function check(array $params = array())
{
$this->initializeParams($params);
$testID = $this->getParam('TEST_ID', $this->internalName);
$sessionData = new CSecurityTemporaryStorage($testID);
if (!$sessionData->isExists('current_user'))
{
$userId = static::getNextUserId(0);
$passwordId = 0;
}
else
{
$userId = $sessionData->getInt('current_user');
$passwordId = $sessionData->getInt('current_password');
}
if ($userId > 0)
{
$userChecked = true;
$passwordDictionary = static::getPasswordDictionary();
list($salt, $password) = $this->getUserPassword($userId);
for ($i = $passwordId, $max = count($passwordDictionary); $i < $max; $i++)
{
if ($this->isTimeOut())
{
$sessionData->setData('current_password', $i);
$userChecked = false;
break;
}
if (static::isUserPassword($salt, $password, $passwordDictionary[$i]))
{
$sessionData->pushToArray('weak_users', $userId);
break;
}
}
if ($userChecked)
$sessionData->setData('current_user', static::getNextUserId($userId));
else
$sessionData->setData('current_user', $userId);
$result = array(
'name' => $this->getName(),
'timeout' => 1,
'in_progress' => true
);
}
else
{
$weakUsers = $sessionData->getArray('weak_users');
$sessionData->flushData();
$result = array(
'name' => $this->getName(),
'problem_count' => !empty($weakUsers)? 1: 0,
'errors' => array(
array(
'title' => GetMessage('SECURITY_SITE_CHECKER_ADMIN_WEAK_PASSWORD'),
'critical' => CSecurityCriticalLevel::HIGHT,
'detail' => GetMessage('SECURITY_SITE_CHECKER_ADMIN_WEAK_PASSWORD_DETAIL'),
'recommendation' => $result = GetMessage('SECURITY_SITE_CHECKER_ADMIN_WEAK_PASSWORD_RECOMMENDATIONS'),
'additional_info' => !empty($weakUsers) ? static::formatRecommendation($weakUsers): ''
)
),
'status' => empty($weakUsers)
);
}
return $result;
}