fix password validation

Closes #1066

Merge request studip/studip!631

app/controllers/admin/user.php

@@ -419,7 +419,8 @@ class Admin_UserController extends AuthenticatedController
             //change password
             if (($GLOBALS['perm']->have_perm('root') && Config::get()->ALLOW_ADMIN_USERACCESS) && (Request::get('pass_1') != '' || Request::get('pass_2') != '')) {
                 if (Request::get('pass_1') == Request::get('pass_2')) {
-                    if (mb_strlen(Request::get('pass_1')) < 4) {
+                    $validator = new email_validation_class();
+                    if (!$validator->ValidatePassword(Request::get('pass_1'))) {
                         $details[] = _('Das Passwort ist zu kurz. Es sollte mindestens 8 Zeichen lang sein.');
                     } else {
                         $um->changePassword(Request::get('pass_1'));

lib/classes/StudipInstaller.php

@@ -2,7 +2,7 @@
 final class StudipInstaller
 {
     const USERNAME_REGEX = '/^([a-zA-Z0-9_@.-]{4,})$/';
-    const PASSWORD_REGEX = '/^([[:print:]]{8,72})$/';
+    const PASSWORD_REGEX = '/^([[:print:]]{8,})$/';
 
     private $base_path;
 

lib/phplib/email_validation.class.php

@@ -9,7 +9,7 @@
 class email_validation_class
 {
     var $username_regular_expression=null;
-    var $password_regular_expression="/^(.{8,72})\$/";
+    var $password_regular_expression="/^.{8,}\$/";
     var $name_regular_expression='/^[_ a-zA-ZÀ-ÿ\'-]+$/';
     var $telefon_regular_expression="/^([0-9 \(\)\\/+_-]*)\$/";
     var $timeout=10;
@@ -97,7 +97,7 @@ class email_validation_class
 
     Function ValidatePassword($password)
     {
-        return(preg_match($this->password_regular_expression,$password)!=0);
+        return preg_match($this->password_regular_expression, $password) != 0;
     }
 
     Function ValidateName($name)