Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
- Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
- PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
/login/ -> change_password_form.php (source)
Differences Between: [Versions 310 and 400] [Versions 310 and 401] [Versions 310 and 402] [Versions 310 and 403]
1 <?php 2 3 // This file is part of Moodle - http://moodle.org/ 4 // 5 // Moodle is free software: you can redistribute it and/or modify 6 // it under the terms of the GNU General Public License as published by 7 // the Free Software Foundation, either version 3 of the License, or 8 // (at your option) any later version. 9 // 10 // Moodle is distributed in the hope that it will be useful, 11 // but WITHOUT ANY WARRANTY; without even the implied warranty of 12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 // GNU General Public License for more details. 14 // 15 // You should have received a copy of the GNU General Public License 16 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 17 18 /** 19 * Change password form definition. 20 * 21 * @package core 22 * @subpackage auth 23 * @copyright 2006 Petr Skoda {@link http://skodak.org} 24 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 25 */ 26 27 defined('MOODLE_INTERNAL') || die(); 28 29 require_once($CFG->libdir.'/formslib.php'); 30 require_once($CFG->dirroot.'/user/lib.php'); 31 require_once ('lib.php'); 32 33 class login_change_password_form extends moodleform { 34 35 function definition() { 36 global $USER, $CFG; 37 38 $mform = $this->_form; 39 $mform->setDisableShortforms(true); 40 41 $mform->addElement('header', 'changepassword', get_string('changepassword'), ''); 42 43 // visible elements 44 $mform->addElement('static', 'username', get_string('username'), $USER->username); 45 46 $policies = array(); 47 if (!empty($CFG->passwordpolicy)) { 48 $policies[] = print_password_policy(); 49 } 50 if (!empty($CFG->passwordreuselimit) and $CFG->passwordreuselimit > 0) { 51 $policies[] = get_string('informminpasswordreuselimit', 'auth', $CFG->passwordreuselimit); 52 } 53 if ($policies) { 54 $mform->addElement('static', 'passwordpolicyinfo', '', implode('<br />', $policies)); 55 } 56 $purpose = user_edit_map_field_purpose($USER->id, 'password'); 57 $mform->addElement('password', 'password', get_string('oldpassword'), $purpose); 58 $mform->addRule('password', get_string('required'), 'required', null, 'client'); 59 $mform->setType('password', PARAM_RAW); 60 61 $mform->addElement('password', 'newpassword1', get_string('newpassword')); 62 $mform->addRule('newpassword1', get_string('required'), 'required', null, 'client'); 63 $mform->setType('newpassword1', PARAM_RAW); 64 65 $mform->addElement('password', 'newpassword2', get_string('newpassword').' ('.get_String('again').')'); 66 $mform->addRule('newpassword2', get_string('required'), 'required', null, 'client'); 67 $mform->setType('newpassword2', PARAM_RAW); 68 69 if (empty($CFG->passwordchangetokendeletion) and !empty(webservice::get_active_tokens($USER->id))) { 70 $mform->addElement('advcheckbox', 'signoutofotherservices', get_string('signoutofotherservices')); 71 $mform->addHelpButton('signoutofotherservices', 'signoutofotherservices'); 72 $mform->setDefault('signoutofotherservices', 1); 73 } 74 75 // hidden optional params 76 $mform->addElement('hidden', 'id', 0); 77 $mform->setType('id', PARAM_INT); 78 79 // Hook for plugins to extend form definition. 80 core_login_extend_change_password_form($mform, $USER); 81 82 // buttons 83 if (get_user_preferences('auth_forcepasswordchange')) { 84 $this->add_action_buttons(false); 85 } else { 86 $this->add_action_buttons(true); 87 } 88 } 89 90 /// perform extra password change validation 91 function validation($data, $files) { 92 global $USER; 93 $errors = parent::validation($data, $files); 94 $reason = null; 95 96 // Extend validation for any form extensions from plugins. 97 $errors = array_merge($errors, core_login_validate_extend_change_password_form($data, $USER)); 98 99 // ignore submitted username 100 if (!$user = authenticate_user_login($USER->username, $data['password'], true, $reason, false)) { 101 $errors['password'] = get_string('invalidlogin'); 102 return $errors; 103 } 104 105 if ($data['newpassword1'] <> $data['newpassword2']) { 106 $errors['newpassword1'] = get_string('passwordsdiffer'); 107 $errors['newpassword2'] = get_string('passwordsdiffer'); 108 return $errors; 109 } 110 111 if ($data['password'] == $data['newpassword1']){ 112 $errors['newpassword1'] = get_string('mustchangepassword'); 113 $errors['newpassword2'] = get_string('mustchangepassword'); 114 return $errors; 115 } 116 117 if (user_is_previously_used_password($USER->id, $data['newpassword1'])) { 118 $errors['newpassword1'] = get_string('errorpasswordreused', 'core_auth'); 119 $errors['newpassword2'] = get_string('errorpasswordreused', 'core_auth'); 120 } 121 122 $errmsg = '';//prevents eclipse warnings 123 if (!check_password_policy($data['newpassword1'], $errmsg, $USER)) { 124 $errors['newpassword1'] = $errmsg; 125 $errors['newpassword2'] = $errmsg; 126 return $errors; 127 } 128 129 return $errors; 130 } 131 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
