| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | /** | 
					
						
							|  |  |  |  * @output wp-admin/js/password-strength-meter.js | 
					
						
							|  |  |  |  */ | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | /* global zxcvbn */ | 
					
						
							|  |  |  | window.wp = window.wp || {}; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | (function($){ | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	/** | 
					
						
							|  |  |  | 	 * Contains functions to determine the password strength. | 
					
						
							|  |  |  | 	 * | 
					
						
							|  |  |  | 	 * @since 3.7.0 | 
					
						
							|  |  |  | 	 * | 
					
						
							|  |  |  | 	 * @namespace | 
					
						
							|  |  |  | 	 */ | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | 	wp.passwordStrength = { | 
					
						
							|  |  |  | 		/** | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 		 * Determines the strength of a given password. | 
					
						
							|  |  |  | 		 * | 
					
						
							|  |  |  | 		 * Compares first password to the password confirmation. | 
					
						
							|  |  |  | 		 * | 
					
						
							|  |  |  | 		 * @since 3.7.0 | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | 		 * | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 		 * @param {string} password1 The subject password. | 
					
						
							|  |  |  | 		 * @param {Array}  blacklist An array of words that will lower the entropy of | 
					
						
							|  |  |  | 		 *                           the password. | 
					
						
							|  |  |  | 		 * @param {string} password2 The password confirmation. | 
					
						
							|  |  |  | 		 * | 
					
						
							|  |  |  | 		 * @returns {number} The password strength score. | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | 		 */ | 
					
						
							|  |  |  | 		meter : function( password1, blacklist, password2 ) { | 
					
						
							|  |  |  | 			if ( ! $.isArray( blacklist ) ) | 
					
						
							|  |  |  | 				blacklist = [ blacklist.toString() ]; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			if (password1 != password2 && password2 && password2.length > 0) | 
					
						
							|  |  |  | 				return 5; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			if ( 'undefined' === typeof window.zxcvbn ) { | 
					
						
							|  |  |  | 				// Password strength unknown.
 | 
					
						
							|  |  |  | 				return -1; | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			var result = zxcvbn( password1, blacklist ); | 
					
						
							|  |  |  | 			return result.score; | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		/** | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 		 * Builds an array of words that should be penalized. | 
					
						
							|  |  |  | 		 * | 
					
						
							|  |  |  | 		 * Certain words need to be penalized because it would lower the entropy of a | 
					
						
							|  |  |  | 		 * password if they were used. The blacklist is based on user input fields such | 
					
						
							|  |  |  | 		 * as username, first name, email etc. | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | 		 * | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 		 * @since 3.7.0 | 
					
						
							|  |  |  | 		 * | 
					
						
							|  |  |  | 		 * @returns {string[]} The array of words to be blacklisted. | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | 		 */ | 
					
						
							|  |  |  | 		userInputBlacklist : function() { | 
					
						
							|  |  |  | 			var i, userInputFieldsLength, rawValuesLength, currentField, | 
					
						
							|  |  |  | 				rawValues       = [], | 
					
						
							|  |  |  | 				blacklist       = [], | 
					
						
							|  |  |  | 				userInputFields = [ 'user_login', 'first_name', 'last_name', 'nickname', 'display_name', 'email', 'url', 'description', 'weblog_title', 'admin_email' ]; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 			// Collect all the strings we want to blacklist.
 | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | 			rawValues.push( document.title ); | 
					
						
							|  |  |  | 			rawValues.push( document.URL ); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			userInputFieldsLength = userInputFields.length; | 
					
						
							|  |  |  | 			for ( i = 0; i < userInputFieldsLength; i++ ) { | 
					
						
							|  |  |  | 				currentField = $( '#' + userInputFields[ i ] ); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 				if ( 0 === currentField.length ) { | 
					
						
							|  |  |  | 					continue; | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 				rawValues.push( currentField[0].defaultValue ); | 
					
						
							|  |  |  | 				rawValues.push( currentField.val() ); | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 			/* | 
					
						
							|  |  |  | 			 * Strip out non-alphanumeric characters and convert each word to an | 
					
						
							|  |  |  | 			 * individual entry. | 
					
						
							|  |  |  | 			 */ | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | 			rawValuesLength = rawValues.length; | 
					
						
							|  |  |  | 			for ( i = 0; i < rawValuesLength; i++ ) { | 
					
						
							|  |  |  | 				if ( rawValues[ i ] ) { | 
					
						
							|  |  |  | 					blacklist = blacklist.concat( rawValues[ i ].replace( /\W/g, ' ' ).split( ' ' ) ); | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 			/* | 
					
						
							|  |  |  | 			 * Remove empty values, short words and duplicates. Short words are likely to | 
					
						
							|  |  |  | 			 * cause many false positives. | 
					
						
							|  |  |  | 			 */ | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | 			blacklist = $.grep( blacklist, function( value, key ) { | 
					
						
							|  |  |  | 				if ( '' === value || 4 > value.length ) { | 
					
						
							|  |  |  | 					return false; | 
					
						
							|  |  |  | 				} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 				return $.inArray( value, blacklist ) === key; | 
					
						
							|  |  |  | 			}); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			return blacklist; | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	}; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2019-04-16 20:56:22 +01:00
										 |  |  | 	// Backward compatibility.
 | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	/** | 
					
						
							|  |  |  | 	 * Password strength meter function. | 
					
						
							|  |  |  | 	 * | 
					
						
							|  |  |  | 	 * @since 2.5.0 | 
					
						
							|  |  |  | 	 * @deprecated 3.7.0 Use wp.passwordStrength.meter instead. | 
					
						
							|  |  |  | 	 * | 
					
						
							|  |  |  | 	 * @global | 
					
						
							|  |  |  | 	 * | 
					
						
							|  |  |  | 	 * @type {wp.passwordStrength.meter} | 
					
						
							|  |  |  | 	 */ | 
					
						
							|  |  |  | 	window.passwordStrength = wp.passwordStrength.meter; | 
					
						
							| 
									
										
										
										
											2019-03-12 09:27:46 +00:00
										 |  |  | })(jQuery); |