Differences Between: [Versions 311 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Set password form definition. 19 * 20 * @package core 21 * @subpackage auth 22 * @copyright 2006 Petr Skoda {@link http://skodak.org} 23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 24 */ 25 26 defined('MOODLE_INTERNAL') || die(); 27 28 require_once($CFG->libdir.'/formslib.php'); 29 require_once($CFG->dirroot.'/user/lib.php'); 30 require_once ('lib.php'); 31 32 /** 33 * Set forgotten password form definition. 34 * 35 * @package core 36 * @subpackage auth 37 * @copyright 2006 Petr Skoda {@link http://skodak.org} 38 * @copyright 2013 Peter Bulmer 39 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 40 */ 41 class login_set_password_form extends moodleform { 42 43 /** 44 * Define the set password form. 45 */ 46 public function definition() { 47 global $CFG; 48 49 $mform = $this->_form; 50 $mform->setDisableShortforms(true); 51 $mform->addElement('header', 'setpassword', get_string('setpassword'), ''); 52 53 // Include the username in the form so browsers will recognise that a password is being set. 54 $mform->addElement('text', 'username', '', 'style="display: none;"'); 55 $mform->setType('username', PARAM_RAW); 56 // Token gives authority to change password. 57 $mform->addElement('hidden', 'token', ''); 58 $mform->setType('token', PARAM_ALPHANUM); 59 60 // Visible elements. 61 $mform->addElement('static', 'username2', get_string('username')); 62 63 $policies = array(); 64 if (!empty($CFG->passwordpolicy)) { 65 $policies[] = print_password_policy(); 66 } 67 if (!empty($CFG->passwordreuselimit) and $CFG->passwordreuselimit > 0) { 68 $policies[] = get_string('informminpasswordreuselimit', 'auth', $CFG->passwordreuselimit); 69 } 70 if ($policies) { 71 $mform->addElement('static', 'passwordpolicyinfo', '', implode('<br />', $policies)); 72 } 73 $mform->addElement('password', 'password', get_string('newpassword')); 74 $mform->addRule('password', get_string('required'), 'required', null, 'client'); 75 $mform->setType('password', PARAM_RAW); 76 77 $strpasswordagain = get_string('newpassword') . ' (' . get_string('again') . ')'; 78 $mform->addElement('password', 'password2', $strpasswordagain); 79 $mform->addRule('password2', get_string('required'), 'required', null, 'client'); 80 $mform->setType('password2', PARAM_RAW); 81 82 // Hook for plugins to extend form definition. 83 $user = $this->_customdata; 84 core_login_extend_set_password_form($mform, $user); 85 86 $this->add_action_buttons(true); 87 } 88 89 /** 90 * Perform extra password change validation. 91 * @param array $data submitted form fields. 92 * @param array $files submitted with the form. 93 * @return array errors occuring during validation. 94 */ 95 public function validation($data, $files) { 96 $user = $this->_customdata; 97 98 $errors = parent::validation($data, $files); 99 100 // Extend validation for any form extensions from plugins. 101 $errors = array_merge($errors, core_login_validate_extend_set_password_form($data, $user)); 102 103 // Ignore submitted username. 104 if ($data['password'] !== $data['password2']) { 105 $errors['password'] = get_string('passwordsdiffer'); 106 $errors['password2'] = get_string('passwordsdiffer'); 107 return $errors; 108 } 109 110 $errmsg = ''; // Prevents eclipse warnings. 111 if (!check_password_policy($data['password'], $errmsg, $user)) { 112 $errors['password'] = $errmsg; 113 $errors['password2'] = $errmsg; 114 return $errors; 115 } 116 117 if (user_is_previously_used_password($user->id, $data['password'])) { 118 $errors['password'] = get_string('errorpasswordreused', 'core_auth'); 119 $errors['password2'] = get_string('errorpasswordreused', 'core_auth'); 120 } 121 122 return $errors; 123 } 124 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body