From 2ee43758d59da5b548aec8563e81eafd3244c728 Mon Sep 17 00:00:00 2001
From: ngosang <ngosang@hotmail.es>
Date: Sun, 31 Jan 2016 18:30:43 +0100
Subject: [PATCH] Check WebUI username and password length. Closes #4191

---
 src/gui/options_imp.cpp                       | 30 ++++++++++++++-----
 src/gui/options_imp.h                         |  1 +
 src/webui/extra_translations.h                |  2 --
 src/webui/www/public/preferences_content.html |  7 ++---
 4 files changed, 26 insertions(+), 14 deletions(-)

diff --git a/src/gui/options_imp.cpp b/src/gui/options_imp.cpp
index 515e4bf39..f8eb2c52f 100644
--- a/src/gui/options_imp.cpp
+++ b/src/gui/options_imp.cpp
@@ -519,7 +519,6 @@ void options_imp::saveOptions()
             pref->setWebUiHttpsKey(m_sslKey);
         }
         pref->setWebUiUsername(webUiUsername());
-        // FIXME: Check that the password is valid (not empty at least)
         pref->setWebUiPassword(webUiPassword());
         pref->setWebUiLocalAuthEnabled(!checkBypassLocalAuth->isChecked());
         // DynDNS
@@ -1024,6 +1023,10 @@ void options_imp::on_buttonBox_accepted()
             tabSelection->setCurrentRow(TAB_SPEED);
             return;
         }
+        if (!webUIAuthenticationOk()) {
+            tabSelection->setCurrentRow(TAB_WEBUI);
+            return;
+        }
         applyButton->setEnabled(false);
         this->hide();
         saveOptions();
@@ -1039,6 +1042,10 @@ void options_imp::applySettings(QAbstractButton* button)
             tabSelection->setCurrentRow(TAB_SPEED);
             return;
         }
+        if (!webUIAuthenticationOk()) {
+            tabSelection->setCurrentRow(TAB_WEBUI);
+            return;
+        }
         saveOptions();
     }
 }
@@ -1526,15 +1533,22 @@ void options_imp::setSslCertificate(const QByteArray &cert, bool interactive)
 
 bool options_imp::schedTimesOk()
 {
-    QString msg;
-
-    if (schedule_from->time() == schedule_to->time())
-        msg = tr("The start time and the end time can't be the same.");
-
-    if (!msg.isEmpty()) {
-        QMessageBox::critical(this, tr("Time Error"), msg);
+    if (schedule_from->time() == schedule_to->time()) {
+        QMessageBox::warning(this, tr("Time Error"), tr("The start time and the end time can't be the same."));
         return false;
     }
+    return true;
+}
 
+bool options_imp::webUIAuthenticationOk()
+{
+    if (webUiUsername().length() < 3) {
+        QMessageBox::warning(this, tr("Length Error"), tr("The Web UI username must be at least 3 characters long."));
+        return false;
+    }
+    if (webUiPassword().length() < 6) {
+        QMessageBox::warning(this, tr("Length Error"), tr("The Web UI password must be at least 6 characters long."));
+        return false;
+    }
     return true;
 }
diff --git a/src/gui/options_imp.h b/src/gui/options_imp.h
index 46ec23d67..6f063a5e0 100644
--- a/src/gui/options_imp.h
+++ b/src/gui/options_imp.h
@@ -166,6 +166,7 @@ private:
     void setSslKey(const QByteArray &key, bool interactive = true);
     void setSslCertificate(const QByteArray &cert, bool interactive = true);
     bool schedTimesOk();
+    bool webUIAuthenticationOk();
 
 private:
     QButtonGroup choiceLanguage;
diff --git a/src/webui/extra_translations.h b/src/webui/extra_translations.h
index 350682447..46099c5b9 100644
--- a/src/webui/extra_translations.h
+++ b/src/webui/extra_translations.h
@@ -58,8 +58,6 @@ static const char *__TRANSLATIONS__[] = {
     QT_TRANSLATE_NOOP("HttpServer", "Language"),
     QT_TRANSLATE_NOOP("HttpServer", "The port used for incoming connections must be between 1 and 65535."),
     QT_TRANSLATE_NOOP("HttpServer", "The port used for the Web UI must be between 1 and 65535."),
-    QT_TRANSLATE_NOOP("HttpServer", "The Web UI username must be at least 3 characters long."),
-    QT_TRANSLATE_NOOP("HttpServer", "The Web UI password must be at least 3 characters long."),
     QT_TRANSLATE_NOOP("HttpServer", "Save"),
     QT_TRANSLATE_NOOP("HttpServer", "qBittorrent client is not reachable"),
     QT_TRANSLATE_NOOP("HttpServer", "HTTP Server"),
diff --git a/src/webui/www/public/preferences_content.html b/src/webui/www/public/preferences_content.html
index cf0ea1506..9e213e91f 100644
--- a/src/webui/www/public/preferences_content.html
+++ b/src/webui/www/public/preferences_content.html
@@ -1239,14 +1239,13 @@ applyPreferences = function() {
 
   // Authentication
   var web_ui_username = $('webui_username_text').getProperty('value');
-  var web_ui_password = $('webui_password_text').getProperty('value');
-    // Add some username/password length checking
   if(web_ui_username.length < 3) {
     alert("QBT_TR(The Web UI username must be at least 3 characters long.)QBT_TR");
     return;
   }
-  if(web_ui_password.length < 3) {
-    alert("QBT_TR(The Web UI password must be at least 3 characters long.)QBT_TR");
+  var web_ui_password = $('webui_password_text').getProperty('value');
+  if(web_ui_password.length < 6) {
+    alert("QBT_TR(The Web UI password must be at least 6 characters long.)QBT_TR");
     return;
   }
   settings.set('web_ui_username', web_ui_username);