login/change_password_form.php

   1 <?php //$Id$
   2
   3 if (!defined('MOODLE_INTERNAL')) {
   4     die('Direct access to this script is forbidden.');    ///  It must be included from a Moodle page
   5 }
   6
   7 require_once $CFG->libdir.'/formslib.php';
   8
   9 class login_change_password_form extends moodleform {
  10
  11     function definition() {
  12         global $USER, $CFG;
  13
  14         $mform =& $this->_form;
  15
  16         $mform->addElement('header', '', get_string('changepassword'), '');
  17
  18         // visible elements
  19         $mform->addElement('static', 'username', get_string('username'), $USER->username);
  20
  21         if (!empty($CFG->passwordpolicy)){
  22             $mform->addElement('static', 'passwordpolicyinfo', '', print_password_policy());
  23         }
  24         $mform->addElement('password', 'password', get_string('oldpassword'));
  25         $mform->addRule('password', get_string('required'), 'required', null, 'client');
  26         $mform->setType('password', PARAM_RAW);
  27
  28         $mform->addElement('password', 'newpassword1', get_string('newpassword'));
  29         $mform->addRule('newpassword1', get_string('required'), 'required', null, 'client');
  30         $mform->setType('newpassword1', PARAM_RAW);
  31
  32         $mform->addElement('password', 'newpassword2', get_string('newpassword').' ('.get_String('again').')');
  33         $mform->addRule('newpassword2', get_string('required'), 'required', null, 'client');
  34         $mform->setType('newpassword2', PARAM_RAW);
  35
  36
  37         // hidden optional params
  38         $mform->addElement('hidden', 'id', 0);
  39         $mform->setType('id', PARAM_INT);
  40
  41         // buttons
  42         if (get_user_preferences('auth_forcepasswordchange')) {
  43             $this->add_action_buttons(false);
  44         } else {
  45             $this->add_action_buttons(true);
  46         }
  47     }
  48
  49 /// perform extra password change validation
  50     function validation($data, $files) {
  51         global $USER;
  52         $errors = parent::validation($data, $files);
  53
  54         update_login_count();
  55
  56         // ignore submitted username
  57         if (!$user = authenticate_user_login(addslashes($USER->username), $data['password'])) {
  58             $errors['password'] = get_string('invalidlogin');
  59             return $errors;
  60         }
  61
  62         reset_login_count();
  63
  64         if ($data['newpassword1'] <> $data['newpassword2']) {
  65             $errors['newpassword1'] = get_string('passwordsdiffer');
  66             $errors['newpassword2'] = get_string('passwordsdiffer');
  67             return $errors;
  68         }
  69
  70         if ($data['password'] == $data['newpassword1']){
  71             $errors['newpassword1'] = get_string('mustchangepassword');
  72             $errors['newpassword2'] = get_string('mustchangepassword');
  73             return $errors;
  74         }
  75
  76         $errmsg = '';//prevents eclipse warnings
  77         if (!check_password_policy($data['newpassword1'], $errmsg)) {
  78             $errors['newpassword1'] = $errmsg;
  79             $errors['newpassword2'] = $errmsg;
  80             return $errors;
  81         }
  82
  83         return $errors;
  84     }
  85 }
  86 ?>