]> jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blobdiff - index.php
projects / irc / unrealircd / unrealircd-webpanel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security: check passwords against Have I Been Pwned
[irc/unrealircd/unrealircd-webpanel.git] / index.php
diff --git a/index.php b/index.php
index 973427177bc380ff67022cf05cddaba469bae165..6ac22542b01bc0fae2441a8b0880d6340646f91a 100644 (file)
--- a/index.php
+++ b/index.php
@@ -28,9 +28,20 @@ $stats = (object) $array_of_stats;
 $userlist = [];
 Hook::run(HOOKTYPE_GET_USER_LIST, $userlist);
 $num_of_panel_admins = count($userlist);
-
+$current_user = unreal_get_current_user();
+if (isset($current_user->user_meta['hibp']))
+{
+       $num = $current_user->user_meta['hibp'];
+       Message::Fail("<h6><strong>Urgent</strong></h6>","Your password was found in a data breach $num time(s).",
+               "Please <strong><a href=\"".get_config("base_url")."settings/user-edit.php\">update your password</a></strong> immediately");
+}
 ?>
 <style>
+       .alert {
+               margin-left: 20px;
+               width:94%;
+               max-width: 500px;
+       }
        #health_banner {
                margin-left:20px;
                border-radius: 16px;
Unnamed repository; edit this file 'description' to name the repository.