From 7d20b6c5a9c5204457642c6b3a1517652a3d8327 Mon Sep 17 00:00:00 2001 From: PhilW Date: Sat, 13 Jun 2026 14:32:38 +0100 Subject: [PATCH] password: support regular expressions in password_login_exceptions --- plugins/password/config.inc.php.dist | 3 ++- plugins/password/password.php | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/password/config.inc.php.dist b/plugins/password/config.inc.php.dist index a058bf7c02..b4ffe9b2c7 100644 --- a/plugins/password/config.inc.php.dist +++ b/plugins/password/config.inc.php.dist @@ -28,8 +28,9 @@ $config['password_minimum_score'] = 0; // Enables logging of password changes into logs/password $config['password_log'] = false; -// Array of login exceptions for which password change +// Array of username exceptions for which password change // will be not available (no Password tab in Settings) +// or PCRE patterns (including // delimiters e.g. '/@domain.com$/'). $config['password_login_exceptions'] = null; // Array of hosts that support password changing. diff --git a/plugins/password/password.php b/plugins/password/password.php index 75eea99835..1d828f20c8 100644 --- a/plugins/password/password.php +++ b/plugins/password/password.php @@ -482,7 +482,7 @@ private function check_host_login_exceptions() $username = $_SESSION['username']; foreach ($exceptions as $ec) { - if ($username === $ec) { + if ($username === $ec || (str_starts_with($ec, '/') && preg_match($ec, $username))) { return false; } }