[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  // This file is part of Moodle - http://moodle.org/
   4  //
   5  // Moodle is free software: you can redistribute it and/or modify
   6  // it under the terms of the GNU General Public License as published by
   7  // the Free Software Foundation, either version 3 of the License, or
   8  // (at your option) any later version.
   9  //
  10  // Moodle is distributed in the hope that it will be useful,
  11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  // GNU General Public License for more details.
  14  //
  15  // You should have received a copy of the GNU General Public License
  16  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  17  
  18  /**
  19   * Change password form definition.
  20   *
  21   * @package    core
  22   * @subpackage auth
  23   * @copyright  2006 Petr Skoda {@link http://skodak.org}
  24   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  25   */
  26  
  27  defined('MOODLE_INTERNAL') || die();
  28  
  29  require_once $CFG->libdir.'/formslib.php';
  30  
  31  class login_change_password_form extends moodleform {
  32  
  33      function definition() {
  34          global $USER, $CFG;
  35  
  36          $mform = $this->_form;
  37          $mform->setDisableShortforms(true);
  38  
  39          $mform->addElement('header', 'changepassword', get_string('changepassword'), '');
  40  
  41          // visible elements
  42          $mform->addElement('static', 'username', get_string('username'), $USER->username);
  43  
  44          $policies = array();
  45          if (!empty($CFG->passwordpolicy)) {
  46              $policies[] = print_password_policy();
  47          }
  48          if (!empty($CFG->passwordreuselimit) and $CFG->passwordreuselimit > 0) {
  49              $policies[] = get_string('informminpasswordreuselimit', 'auth', $CFG->passwordreuselimit);
  50          }
  51          if ($policies) {
  52              $mform->addElement('static', 'passwordpolicyinfo', '', implode('<br />', $policies));
  53          }
  54          $mform->addElement('password', 'password', get_string('oldpassword'));
  55          $mform->addRule('password', get_string('required'), 'required', null, 'client');
  56          $mform->setType('password', PARAM_RAW);
  57  
  58          $mform->addElement('password', 'newpassword1', get_string('newpassword'));
  59          $mform->addRule('newpassword1', get_string('required'), 'required', null, 'client');
  60          $mform->setType('newpassword1', PARAM_RAW);
  61  
  62          $mform->addElement('password', 'newpassword2', get_string('newpassword').' ('.get_String('again').')');
  63          $mform->addRule('newpassword2', get_string('required'), 'required', null, 'client');
  64          $mform->setType('newpassword2', PARAM_RAW);
  65  
  66  
  67          // hidden optional params
  68          $mform->addElement('hidden', 'id', 0);
  69          $mform->setType('id', PARAM_INT);
  70  
  71          // buttons
  72          if (get_user_preferences('auth_forcepasswordchange')) {
  73              $this->add_action_buttons(false);
  74          } else {
  75              $this->add_action_buttons(true);
  76          }
  77      }
  78  
  79  /// perform extra password change validation
  80      function validation($data, $files) {
  81          global $USER;
  82          $errors = parent::validation($data, $files);
  83  
  84          // ignore submitted username
  85          if (!$user = authenticate_user_login($USER->username, $data['password'], true)) {
  86              $errors['password'] = get_string('invalidlogin');
  87              return $errors;
  88          }
  89  
  90          if ($data['newpassword1'] <> $data['newpassword2']) {
  91              $errors['newpassword1'] = get_string('passwordsdiffer');
  92              $errors['newpassword2'] = get_string('passwordsdiffer');
  93              return $errors;
  94          }
  95  
  96          if ($data['password'] == $data['newpassword1']){
  97              $errors['newpassword1'] = get_string('mustchangepassword');
  98              $errors['newpassword2'] = get_string('mustchangepassword');
  99              return $errors;
 100          }
 101  
 102          if (user_is_previously_used_password($USER->id, $data['newpassword1'])) {
 103              $errors['newpassword1'] = get_string('errorpasswordreused', 'core_auth');
 104              $errors['newpassword2'] = get_string('errorpasswordreused', 'core_auth');
 105          }
 106  
 107          $errmsg = '';//prevents eclipse warnings
 108          if (!check_password_policy($data['newpassword1'], $errmsg)) {
 109              $errors['newpassword1'] = $errmsg;
 110              $errors['newpassword2'] = $errmsg;
 111              return $errors;
 112          }
 113  
 114          return $errors;
 115      }
 116  }