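<%@ page language="java" contentType="text/html; charset=ISO-8859-1"%>
<%@ taglib prefix="sql" uri="http://java.sun.com/jsp/jstl/sql" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ page import="java.security.*" %>
<%@ page import="java.io.*" %>
<%@ page import="java.util.regex.*" %>
<%!
    /**
     * Returns the MD5 digest of {@code plainText} as 32 lowercase hexadecimal characters.
     *
     * NOTE(review): MD5 is a fast, unsalted digest, so values produced here are cheap to
     * brute-force or look up once they leak. Password storage should use a salted,
     * deliberately slow scheme (bcrypt, scrypt, Argon2 or PBKDF2). The algorithm is left
     * unchanged in this method because switching it would stop matching digests that
     * were produced earlier; a migration has to cover those.
     *
     * NOTE(review): getBytes() uses the JVM's default charset, so the digest of a
     * non-ASCII password depends on the server configuration. Not changed here for the
     * same compatibility reason.
     *
     * @param plainText text to hash; may be null
     * @return the hex digest, or null when plainText is null or MD5 is unavailable
     */
    public static String getHash(String plainText) {
        // A request parameter that is absent arrives as null; report it the same way as
        // the other failure path instead of throwing NullPointerException.
        if (plainText == null) {
            return null;
        }
        try {
            MessageDigest md5 = MessageDigest.getInstance("MD5");
            byte[] digest = md5.digest(plainText.getBytes());
            StringBuilder hex = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                // Mask to 0..255 so negative bytes do not sign-extend to eight hex digits.
                String octet = Integer.toHexString(0xFF & b);
                if (octet.length() < 2) {
                    hex.append('0');
                }
                hex.append(octet);
            }
            return hex.toString();
        } catch (NoSuchAlgorithmException e) {
            return null;
        }
    }
%>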

Change MySQL Password

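// This code ensures the password meets requirements:
// at least one lowercase character
// at least one uppercase character
// at least one symbol
// at least one number
// at least 12 characters long
<%
    // Form fields; each is null when the parameter is absent from the request.
    String sUser = request.getParameter("user");
    String oldPass = request.getParameter("old_password");
    String newPass = request.getParameter("new_password1");

    // Fail closed on an incomplete request. Without this guard a missing password
    // field ends in a NullPointerException (HTTP 500); answering 400 and stopping here
    // also guarantees that nothing further down the page runs with a null hash.
    if (oldPass == null || newPass == null) {
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return;
    }

    // Hex MD5 digests of the old and new password. Presumably these are bound to the
    // user_pass placeholders of the SQL statements further down; the binding tags are
    // not visible in this listing.
    String sOldHash = getHash(oldPass);
    String sNewHash = getHash(newPass);

    // Incremented by a later scriptlet; a value of 0 is reported as "Incorrect password".
    int count = 0;

    // One flag per rule (1 = satisfied) so each unmet rule can be reported separately.
    // [A-Z], [a-z], \d and \p{Punct} are ASCII-only classes as compiled here, so
    // accented letters and non-ASCII symbols do not satisfy any rule.
    int has_cap = Pattern.compile("[A-Z]").matcher(newPass).find() ? 1 : 0;
    int has_lower = Pattern.compile("[a-z]").matcher(newPass).find() ? 1 : 0;
    int has_symbol = Pattern.compile("\\p{Punct}").matcher(newPass).find() ? 1 : 0;
    int has_number = Pattern.compile("\\d").matcher(newPass).find() ? 1 : 0;
    int has_length = (newPass.length() >= 12) ? 1 : 0;

    // Overall verdict: all four character classes present and at least 12 characters.
    String passRegex = "((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\\p{Punct}).{12,})";
    int meets_requirements;

    // NOTE(review): meets_requirements is only assigned in this scriptlet. Nothing in
    // the visible part of the page checks it before the UPDATE statement; confirm that
    // the surrounding markup skips the update when it is 0, otherwise the policy is
    // advisory only.
    if (Pattern.compile(passRegex).matcher(newPass).matches()) {
        meets_requirements = 1;
    } else {
        meets_requirements = 0;
        // The HTML markup that wrapped each message is not present in this listing;
        // only the message text is reproduced.
        out.println("The password you entered does not meet requirements");
        if (has_number == 0) {
            out.println("You must have at least one number");
        }
        if (has_symbol == 0) {
            out.println("You must have at least one symbol");
        }
        if (has_lower == 0) {
            out.println("You must have at least one lowercase letter");
        }
        if (has_cap == 0) {
            out.println("You must have at least one uppercase letter");
        }
        if (has_length == 0) {
            out.println("Your password must be at least 12 characters long");
        }
        out.println("");
    }
%>
Password test
<%--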

The old hash is <%= sOldHash %>

The new hash is <%= sNewHash %> --%>
<%-- NOTE(review):
     The two debug lines above sit inside a JSP comment, so they are dropped on the
     server. Keep it that way or delete them: as an HTML comment they would send both
     password hashes to the browser.

     Both SQL statements below use ? placeholders rather than concatenating request
     values into the statement text, so the user name and hashes cannot alter the SQL.
     The tags that bind the placeholder values are not visible in this listing.

     The UPDATE repeats the user_name / user_pass condition of the SELECT, so it only
     touches a row whose stored value still equals the supplied old value.

     The count scriptlet between the two statements presumably runs once per row the
     SELECT returns (the enclosing loop tag is not visible); confirm against the
     original page.

     Presumably user_pass holds the output of getHash(), i.e. an unsalted MD5 digest;
     see the note on getHash() about moving to a salted, slow password hash.
--%>
Select user_name from users WHERE (user_name = ? and user_pass = ? )
<% count = count + 1; %>
UPDATE users set user_pass = ? WHERE (user_name = ? and user_pass = ? )

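<%-- The user name is written through c:out so that &, <, >, " and ' are HTML-escaped
     before they reach the browser. --%>
Succesfully changed password for user <c:out value="${row.user_name}"/>
<%--

count is <%= count %> --%>
<%-- count is still 0 when the scriptlet that increments it never ran, which the page
     reports as a wrong password.
     The "user" request parameter is attacker-controlled. Concatenating it into the
     response with out.println() reflects any markup it contains back to the browser
     (reflected cross-site scripting). c:out escapes it, and prints nothing instead of
     the text "null" when the parameter is absent. --%>
<% if (count == 0) { %>
Incorrect password for user <c:out value="${param.user}"/>!
<% } %>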