. /** * Set password form definition. * * @package core * @subpackage auth * @copyright 2006 Petr Skoda {@link http://skodak.org} * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ defined('MOODLE_INTERNAL') || die(); require_once($CFG->libdir.'/formslib.php'); require_once($CFG->dirroot.'/user/lib.php'); /** * Set forgotten password form definition. * * @package core * @subpackage auth * @copyright 2006 Petr Skoda {@link http://skodak.org} * @copyright 2013 Peter Bulmer * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class login_set_password_form extends moodleform { /** * Define the set password form. */ public function definition() { global $CFG; // Prepare a string showing whether the site wants login password autocompletion to be available to user. if (empty($CFG->loginpasswordautocomplete)) { $autocomplete = 'autocomplete="on"'; } else { $autocomplete = ''; } $mform = $this->_form; $mform->setDisableShortforms(true); $mform->addElement('header', 'setpassword', get_string('setpassword'), ''); // Include the username in the form so browsers will recognise that a password is being set. $mform->addElement('text', 'username', '', 'style="display: none;" ' . $autocomplete); $mform->setType('username', PARAM_RAW); // Token gives authority to change password. $mform->addElement('hidden', 'token', ''); $mform->setType('token', PARAM_ALPHANUM); // Visible elements. $mform->addElement('static', 'username2', get_string('username')); $policies = array(); if (!empty($CFG->passwordpolicy)) { $policies[] = print_password_policy(); } if (!empty($CFG->passwordreuselimit) and $CFG->passwordreuselimit > 0) { $policies[] = get_string('informminpasswordreuselimit', 'auth', $CFG->passwordreuselimit); } if ($policies) { $mform->addElement('static', 'passwordpolicyinfo', '', implode('
', $policies)); } $mform->addElement('password', 'password', get_string('newpassword'), $autocomplete); $mform->addRule('password', get_string('required'), 'required', null, 'client'); $mform->setType('password', PARAM_RAW); $strpasswordagain = get_string('newpassword') . ' (' . get_string('again') . ')'; $mform->addElement('password', 'password2', $strpasswordagain, $autocomplete); $mform->addRule('password2', get_string('required'), 'required', null, 'client'); $mform->setType('password2', PARAM_RAW); $this->add_action_buttons(true); } /** * Perform extra password change validation. * @param array $data submitted form fields. * @param array $files submitted with the form. * @return array errors occuring during validation. */ public function validation($data, $files) { $user = $this->_customdata; $errors = parent::validation($data, $files); // Ignore submitted username. if ($data['password'] !== $data['password2']) { $errors['password'] = get_string('passwordsdiffer'); $errors['password2'] = get_string('passwordsdiffer'); return $errors; } $errmsg = ''; // Prevents eclipse warnings. if (!check_password_policy($data['password'], $errmsg)) { $errors['password'] = $errmsg; $errors['password2'] = $errmsg; return $errors; } if (user_is_previously_used_password($user->id, $data['password'])) { $errors['password'] = get_string('errorpasswordreused', 'core_auth'); $errors['password2'] = get_string('errorpasswordreused', 'core_auth'); } return $errors; } }