Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
- Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
- PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.
/login/ -> set_password_form.php (source)
Differences Between: [Versions 310 and 403] [Versions 311 and 403] [Versions 39 and 403] [Versions 400 and 403] [Versions 401 and 403] [Versions 402 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Set password form definition. 19 * 20 * @package core 21 * @subpackage auth 22 * @copyright 2006 Petr Skoda {@link http://skodak.org} 23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 24 */ 25 26 defined('MOODLE_INTERNAL') || die(); 27 28 require_once($CFG->libdir.'/formslib.php'); 29 require_once($CFG->dirroot.'/user/lib.php'); 30 require_once ('lib.php'); 31 32 /** 33 * Set forgotten password form definition. 34 * 35 * @package core 36 * @subpackage auth 37 * @copyright 2006 Petr Skoda {@link http://skodak.org} 38 * @copyright 2013 Peter Bulmer 39 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 40 */ 41 class login_set_password_form extends moodleform { 42 43 /** 44 * Define the set password form. 45 */ 46 public function definition() { 47 global $CFG; 48 49 $mform = $this->_form; 50 $mform->setDisableShortforms(true); 51 $mform->addElement('header', 'setpassword', get_string('setpassword'), ''); 52 53 // Include the username in the form so browsers will recognise that a password is being set. 54 $mform->addElement('text', 'username', '', 'style="display: none;"'); 55 $mform->setType('username', PARAM_RAW); 56 // Token gives authority to change password. 57 $mform->addElement('hidden', 'token', ''); 58 $mform->setType('token', PARAM_ALPHANUM); 59 60 // Visible elements. 61 $mform->addElement('static', 'username2', get_string('username')); 62 63 $policies = array(); 64 if (!empty($CFG->passwordpolicy)) { 65 $policies[] = print_password_policy(); 66 } 67 if (!empty($CFG->passwordreuselimit) and $CFG->passwordreuselimit > 0) { 68 $policies[] = get_string('informminpasswordreuselimit', 'auth', $CFG->passwordreuselimit); 69 } 70 if ($policies) { 71 $mform->addElement('static', 'passwordpolicyinfo', '', implode('<br />', $policies)); 72 } 73 $mform->addElement('password', 'password', get_string('newpassword'), 74 ['maxlength' => MAX_PASSWORD_CHARACTERS]); 75 $mform->addRule('password', get_string('required'), 'required', null, 'client'); 76 $mform->addRule('password', get_string('maximumchars', '', MAX_PASSWORD_CHARACTERS), 77 'maxlength', MAX_PASSWORD_CHARACTERS, 'client'); 78 $mform->setType('password', PARAM_RAW); 79 80 $strpasswordagain = get_string('newpassword') . ' (' . get_string('again') . ')'; 81 $mform->addElement('password', 'password2', $strpasswordagain, 82 ['maxlength' => MAX_PASSWORD_CHARACTERS]); 83 $mform->addRule('password2', get_string('required'), 'required', null, 'client'); 84 $mform->setType('password2', PARAM_RAW); 85 86 // Hook for plugins to extend form definition. 87 $user = $this->_customdata; 88 core_login_extend_set_password_form($mform, $user); 89 90 $this->add_action_buttons(true); 91 } 92 93 /** 94 * Perform extra password change validation. 95 * @param array $data submitted form fields. 96 * @param array $files submitted with the form. 97 * @return array errors occuring during validation. 98 */ 99 public function validation($data, $files) { 100 $user = $this->_customdata; 101 102 $errors = parent::validation($data, $files); 103 104 // Extend validation for any form extensions from plugins. 105 $errors = array_merge($errors, core_login_validate_extend_set_password_form($data, $user)); 106 107 // Ignore submitted username. 108 if ($data['password'] !== $data['password2']) { 109 $errors['password'] = get_string('passwordsdiffer'); 110 $errors['password2'] = get_string('passwordsdiffer'); 111 return $errors; 112 } 113 114 $errmsg = ''; // Prevents eclipse warnings. 115 if (!check_password_policy($data['password'], $errmsg, $user)) { 116 $errors['password'] = $errmsg; 117 $errors['password2'] = $errmsg; 118 return $errors; 119 } 120 121 if (user_is_previously_used_password($user->id, $data['password'])) { 122 $errors['password'] = get_string('errorpasswordreused', 'core_auth'); 123 $errors['password2'] = get_string('errorpasswordreused', 'core_auth'); 124 } 125 126 return $errors; 127 } 128 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
