Moodle 4.1 XRef and Diffs

Search moodle.org's
Developer Documentation
See Release Notes
Long Term Support Release
Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
Moodle 4.1 Database Schema (by Marcus Green)
/login/ -> set_password_form.php (source)
Differences Between: [Versions 401 and 403]
   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Set password form definition.
  19   *
  20   * @package    core
  21   * @subpackage auth
  22   * @copyright  2006 Petr Skoda {@link http://skodak.org}
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  
  26  defined('MOODLE_INTERNAL') || die();
  27  
  28  require_once($CFG->libdir.'/formslib.php');
  29  require_once($CFG->dirroot.'/user/lib.php');
  30  require_once ('lib.php');
  31  
  32  /**
  33   * Set forgotten password form definition.
  34   *
  35   * @package    core
  36   * @subpackage auth
  37   * @copyright  2006 Petr Skoda {@link http://skodak.org}
  38   * @copyright  2013 Peter Bulmer
  39   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  40   */
  41  class login_set_password_form extends moodleform {
  42  
  43      /**
  44       * Define the set password form.
  45       */
  46      public function definition() {
  47          global $CFG;
  48  
  49          $mform = $this->_form;
  50          $mform->setDisableShortforms(true);
  51          $mform->addElement('header', 'setpassword', get_string('setpassword'), '');
  52  
  53          // Include the username in the form so browsers will recognise that a password is being set.
  54          $mform->addElement('text', 'username', '', 'style="display: none;"');
  55          $mform->setType('username', PARAM_RAW);
  56          // Token gives authority to change password.
  57          $mform->addElement('hidden', 'token', '');
  58          $mform->setType('token', PARAM_ALPHANUM);
  59  
  60          // Visible elements.
  61          $mform->addElement('static', 'username2', get_string('username'));
  62  
  63          $policies = array();
  64          if (!empty($CFG->passwordpolicy)) {
  65              $policies[] = print_password_policy();
  66          }
  67          if (!empty($CFG->passwordreuselimit) and $CFG->passwordreuselimit > 0) {
  68              $policies[] = get_string('informminpasswordreuselimit', 'auth', $CFG->passwordreuselimit);
  69          }
  70          if ($policies) {
  71              $mform->addElement('static', 'passwordpolicyinfo', '', implode('<br />', $policies));
  72          }
  73          $mform->addElement('password', 'password', get_string('newpassword'));
  74          $mform->addRule('password', get_string('required'), 'required', null, 'client');
  75          $mform->setType('password', PARAM_RAW);
  76  
  77          $strpasswordagain = get_string('newpassword') . ' (' . get_string('again') . ')';
  78          $mform->addElement('password', 'password2', $strpasswordagain);
  79          $mform->addRule('password2', get_string('required'), 'required', null, 'client');
  80          $mform->setType('password2', PARAM_RAW);
  81  
  82          // Hook for plugins to extend form definition.
  83          $user = $this->_customdata;
  84          core_login_extend_set_password_form($mform, $user);
  85  
  86          $this->add_action_buttons(true);
  87      }
  88  
  89      /**
  90       * Perform extra password change validation.
  91       * @param array $data submitted form fields.
  92       * @param array $files submitted with the form.
  93       * @return array errors occuring during validation.
  94       */
  95      public function validation($data, $files) {
  96          $user = $this->_customdata;
  97  
  98          $errors = parent::validation($data, $files);
  99  
 100          // Extend validation for any form extensions from plugins.
 101          $errors = array_merge($errors, core_login_validate_extend_set_password_form($data, $user));
 102  
 103          // Ignore submitted username.
 104          if ($data['password'] !== $data['password2']) {
 105              $errors['password'] = get_string('passwordsdiffer');
 106              $errors['password2'] = get_string('passwordsdiffer');
 107              return $errors;
 108          }
 109  
 110          $errmsg = ''; // Prevents eclipse warnings.
 111          if (!check_password_policy($data['password'], $errmsg, $user)) {
 112              $errors['password'] = $errmsg;
 113              $errors['password2'] = $errmsg;
 114              return $errors;
 115          }
 116  
 117          if (user_is_previously_used_password($user->id, $data['password'])) {
 118              $errors['password'] = get_string('errorpasswordreused', 'core_auth');
 119              $errors['password2'] = get_string('errorpasswordreused', 'core_auth');
 120          }
 121  
 122          return $errors;
 123      }
 124  }