diff --git a/app/Http/Controllers/SettingsController.php b/app/Http/Controllers/SettingsController.php index b1cb620a8..dbb6f6622 100755 --- a/app/Http/Controllers/SettingsController.php +++ b/app/Http/Controllers/SettingsController.php @@ -20,6 +20,7 @@ use DB; use enshrined\svgSanitize\Sanitizer; use Illuminate\Http\Request; use Illuminate\Support\Facades\Storage; +use Illuminate\Validation\Rule; use Image; use Input; use Redirect; @@ -499,6 +500,19 @@ class SettingsController extends Controller */ public function postSecurity(Request $request) { + $this->validate($request, [ + 'pwd_secure_complexity' => 'array', + 'pwd_secure_complexity.*' => [ + Rule::in([ + 'disallow_same_pwd_as_user_fields', + 'letters', + 'numbers', + 'symbols', + 'case_diff', + ]) + ] + ]); + if (is_null($setting = Setting::getSettings())) { return redirect()->to('admin')->with('error', trans('admin/settings/message.update.error')); } diff --git a/resources/lang/en-US/validation.php b/resources/lang/en-US/validation.php index d027a93f8..05374e23a 100644 --- a/resources/lang/en-US/validation.php +++ b/resources/lang/en-US/validation.php @@ -153,4 +153,10 @@ return [ 'attributes' => [], + /* + |-------------------------------------------------------------------------- + | Generic Validation Messages + |-------------------------------------------------------------------------- + */ + 'invalid_value_in_field' => 'Invalid value included in this field', ]; diff --git a/resources/views/settings/security.blade.php b/resources/views/settings/security.blade.php index a23b8cece..f108683dc 100644 --- a/resources/views/settings/security.blade.php +++ b/resources/views/settings/security.blade.php @@ -74,12 +74,11 @@ -
+
{{ Form::label('pwd_secure_complexity', trans('admin/settings/general.pwd_secure_complexity')) }}
- + @if ($errors->has('pwd_secure_complexity.*')) + {{ trans('validation.invalid_value_in_field') }} + @endif

{{ trans('admin/settings/general.pwd_secure_complexity_help') }}