From 4950c65bac8e57fe9d61e969dfc81bf7798d72bb Mon Sep 17 00:00:00 2001
From: dignajar <dignajar@gmail.com>
Date: Fri, 30 Oct 2015 19:44:12 -0300
Subject: [PATCH] Password length must be at least 6 characters long

---
 install.php                    | 10 +++++++---
 kernel/helpers/email.class.php |  6 +++---
 kernel/security.class.php      |  1 +
 languages/en_US.json           |  4 +++-
 4 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/install.php b/install.php
index 44c01f7e..0deac19f 100644
--- a/install.php
+++ b/install.php
@@ -309,10 +309,10 @@ function install($adminPassword, $email, $timezoneOffset)
 
 	file_put_contents(PATH_DATABASES.'site.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);
 
+	// File users.php
 	$salt = getRandomString();
 	$passwordHash = sha1($adminPassword.$salt);
 
-	// File users.php
 	$data = array(
 		'admin'=>array(
 		'firstName'=>'',
@@ -329,7 +329,11 @@ function install($adminPassword, $email, $timezoneOffset)
 	file_put_contents(PATH_DATABASES.'users.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);
 
 	// File security.php
+	$randomKey = getRandomString();
+	$randomKey = sha1($randomKey);
+
 	$data = array(
+		'key1'=>$randomKey,
 		'minutesBlocked'=>5,
 		'numberFailuresAllowed'=>10,
 		'blackList'=>array()
@@ -424,9 +428,9 @@ function checkPOST($args)
 	global $Language;
 
 	// Check empty password
-	if(empty($args['password']))
+	if( strlen($args['password']) < 6 )
 	{
-		return '<div>'.$Language->g('The password field is empty').'</div>';
+		return '<div>'.$Language->g('Password must be at least 6 characters long').'</div>';
 	}
 
 	// Check invalid email
diff --git a/kernel/helpers/email.class.php b/kernel/helpers/email.class.php
index 102088d5..0f248049 100644
--- a/kernel/helpers/email.class.php
+++ b/kernel/helpers/email.class.php
@@ -15,9 +15,9 @@ class Email {
 		<head>
 			<title>BLUDIT</title>
 		</head>
-		<body>
-		<div style="margin: 0px auto; border: 1px solid #2672ec; padding: 10px; font-size: 14px;">
-			<div style="font-size: 26px; padding: 10px; background-color: #2672ec; color: #FFFFFF;">BLUDIT</div>
+		<body style="background-color: #f1f1f1;">
+		<div style="margin: 0px auto; padding: 10px; font-size: 14px; width: 70%; max-width: 600px;">
+			<div style="font-size: 26px;">BLUDIT</div>
 			'.$args['message'].'
 		</div>
 		</body>
diff --git a/kernel/security.class.php b/kernel/security.class.php
index 2567ac16..78b8495f 100644
--- a/kernel/security.class.php
+++ b/kernel/security.class.php
@@ -3,6 +3,7 @@
 class Security extends dbJSON
 {
 	private $dbFields = array(
+		'key1'=>'Where we go we dont need roads',
 		'minutesBlocked'=>5,
 		'numberFailuresAllowed'=>10,
 		'blackList'=>array()
diff --git a/languages/en_US.json b/languages/en_US.json
index df456ee9..c91025af 100644
--- a/languages/en_US.json
+++ b/languages/en_US.json
@@ -196,5 +196,7 @@
 	"general-settings": "General settings",
 	"advanced-settings": "Advanced settings",
 	"manage-users": "Manage users",
-	"view-and-edit-your-profile": "View and edit your profile."
+	"view-and-edit-your-profile": "View and edit your profile.",
+
+	"password-must-be-at-least-6-characters-long": "Password must be at least 6 characters long"
 }