1 | <?php |
||
9 | class PasswordPwnedListValidator |
||
10 | { |
||
11 | /** @var string $file */ |
||
12 | private $file; |
||
13 | |||
14 | /** @var int $minimumThreshold */ |
||
15 | private $minimumThreshold; |
||
16 | |||
17 | /** |
||
18 | * PasswordPwnedListValidator constructor. |
||
19 | * |
||
20 | * @param string $file the path to the blacklist file |
||
21 | * @param int $minimumThreshold How many times a password must appear before we consider it invalid |
||
22 | * @see https://haveibeenpwned.com/Passwords for access to the list of passwords to be used with this validator. |
||
23 | */ |
||
24 | public function __construct(string $file, $minimumThreshold = 50) |
||
29 | |||
30 | /** {@inheritdoc} */ |
||
31 | public function validate(string $password): bool |
||
47 | |||
48 | /** |
||
49 | * Iterates over and yields each blacklisted password |
||
50 | * |
||
51 | * @return Generator |
||
52 | */ |
||
53 | private function getBlacklistPasswords(): Generator |
||
63 | } |
||
64 |
This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.