Search moodle.org's
Developer Documentation
Developer Documentation
See Release Notes
Long Term Support Release
- Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
- Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
- PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
/login/ -> change_password_form.php (source)
Differences Between: [Versions 310 and 401] [Versions 311 and 401] [Versions 39 and 401] [Versions 401 and 403]
1 <?php 2 3 // This file is part of Moodle - http://moodle.org/ 4 // 5 // Moodle is free software: you can redistribute it and/or modify 6 // it under the terms of the GNU General Public License as published by 7 // the Free Software Foundation, either version 3 of the License, or 8 // (at your option) any later version. 9 // 10 // Moodle is distributed in the hope that it will be useful, 11 // but WITHOUT ANY WARRANTY; without even the implied warranty of 12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 // GNU General Public License for more details. 14 // 15 // You should have received a copy of the GNU General Public License 16 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 17 18 /** 19 * Change password form definition. 20 * 21 * @package core 22 * @subpackage auth 23 * @copyright 2006 Petr Skoda {@link http://skodak.org} 24 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 25 */ 26 27 defined('MOODLE_INTERNAL') || die(); 28 29 require_once($CFG->libdir.'/formslib.php'); 30 require_once($CFG->dirroot.'/user/lib.php'); 31 require_once ('lib.php'); 32 33 class login_change_password_form extends moodleform { 34 35 function definition() { 36 global $USER, $CFG; 37 38 $mform = $this->_form; 39 $mform->setDisableShortforms(true); 40 41 $mform->addElement('header', 'changepassword', get_string('changepassword'), ''); 42 43 // visible elements 44 $mform->addElement('static', 'username', get_string('username'), $USER->username); 45 46 $policies = array(); 47 if (!empty($CFG->passwordpolicy)) { 48 $policies[] = print_password_policy(); 49 } 50 if (!empty($CFG->passwordreuselimit) and $CFG->passwordreuselimit > 0) { 51 $policies[] = get_string('informminpasswordreuselimit', 'auth', $CFG->passwordreuselimit); 52 } 53 if ($policies) { 54 $mform->addElement('static', 'passwordpolicyinfo', '', implode('<br />', $policies)); 55 } 56 $purpose = user_edit_map_field_purpose($USER->id, 'password'); 57 $mform->addElement('password', 'password', get_string('oldpassword'), $purpose); 58 $mform->addRule('password', get_string('required'), 'required', null, 'client'); 59 $mform->setType('password', PARAM_RAW); 60 61 $mform->addElement('password', 'newpassword1', get_string('newpassword'), 62 ['autocomplete' => 'new-password']); 63 $mform->addRule('newpassword1', get_string('required'), 'required', null, 'client'); 64 $mform->setType('newpassword1', PARAM_RAW); 65 66 $mform->addElement('password', 'newpassword2', 67 get_string('newpassword').' ('.get_String('again').')', 68 ['autocomplete' => 'new-password']); 69 $mform->addRule('newpassword2', get_string('required'), 'required', null, 'client'); 70 $mform->setType('newpassword2', PARAM_RAW); 71 72 if (empty($CFG->passwordchangetokendeletion) and !empty(webservice::get_active_tokens($USER->id))) { 73 $mform->addElement('advcheckbox', 'signoutofotherservices', get_string('signoutofotherservices')); 74 $mform->addHelpButton('signoutofotherservices', 'signoutofotherservices'); 75 $mform->setDefault('signoutofotherservices', 1); 76 } 77 78 // hidden optional params 79 $mform->addElement('hidden', 'id', 0); 80 $mform->setType('id', PARAM_INT); 81 82 // Hook for plugins to extend form definition. 83 core_login_extend_change_password_form($mform, $USER); 84 85 // buttons 86 if (get_user_preferences('auth_forcepasswordchange')) { 87 $this->add_action_buttons(false); 88 } else { 89 $this->add_action_buttons(true); 90 } 91 } 92 93 /// perform extra password change validation 94 function validation($data, $files) { 95 global $USER; 96 $errors = parent::validation($data, $files); 97 $reason = null; 98 99 // Extend validation for any form extensions from plugins. 100 $errors = array_merge($errors, core_login_validate_extend_change_password_form($data, $USER)); 101 102 // ignore submitted username 103 if (!$user = authenticate_user_login($USER->username, $data['password'], true, $reason, false)) { 104 $errors['password'] = get_string('invalidlogin'); 105 return $errors; 106 } 107 108 if ($data['newpassword1'] <> $data['newpassword2']) { 109 $errors['newpassword1'] = get_string('passwordsdiffer'); 110 $errors['newpassword2'] = get_string('passwordsdiffer'); 111 return $errors; 112 } 113 114 if ($data['password'] == $data['newpassword1']){ 115 $errors['newpassword1'] = get_string('mustchangepassword'); 116 $errors['newpassword2'] = get_string('mustchangepassword'); 117 return $errors; 118 } 119 120 if (user_is_previously_used_password($USER->id, $data['newpassword1'])) { 121 $errors['newpassword1'] = get_string('errorpasswordreused', 'core_auth'); 122 $errors['newpassword2'] = get_string('errorpasswordreused', 'core_auth'); 123 } 124 125 $errmsg = '';//prevents eclipse warnings 126 if (!check_password_policy($data['newpassword1'], $errmsg, $USER)) { 127 $errors['newpassword1'] = $errmsg; 128 $errors['newpassword2'] = $errmsg; 129 return $errors; 130 } 131 132 return $errors; 133 } 134 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
