2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
18 * Set password form definition.
22 * @copyright 2006 Petr Skoda {@link http://skodak.org}
23 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
26 defined('MOODLE_INTERNAL') ||
die();
28 require_once($CFG->libdir
.'/formslib.php');
29 require_once($CFG->dirroot
.'/user/lib.php');
32 * Set forgotten password form definition.
36 * @copyright 2006 Petr Skoda {@link http://skodak.org}
37 * @copyright 2013 Peter Bulmer
38 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
40 class login_set_password_form
extends moodleform
{
43 * Define the set password form.
45 public function definition() {
48 $mform = $this->_form
;
49 $mform->setDisableShortforms(true);
50 $mform->addElement('header', 'setpassword', get_string('setpassword'), '');
52 // Include the username in the form so browsers will recognise that a password is being set.
53 $mform->addElement('text', 'username', '', 'style="display: none;"');
54 $mform->setType('username', PARAM_RAW
);
55 // Token gives authority to change password.
56 $mform->addElement('hidden', 'token', '');
57 $mform->setType('token', PARAM_ALPHANUM
);
60 $mform->addElement('static', 'username2', get_string('username'));
63 if (!empty($CFG->passwordpolicy
)) {
64 $policies[] = print_password_policy();
66 if (!empty($CFG->passwordreuselimit
) and $CFG->passwordreuselimit
> 0) {
67 $policies[] = get_string('informminpasswordreuselimit', 'auth', $CFG->passwordreuselimit
);
70 $mform->addElement('static', 'passwordpolicyinfo', '', implode('<br />', $policies));
72 $mform->addElement('password', 'password', get_string('newpassword'));
73 $mform->addRule('password', get_string('required'), 'required', null, 'client');
74 $mform->setType('password', PARAM_RAW
);
76 $strpasswordagain = get_string('newpassword') . ' (' . get_string('again') . ')';
77 $mform->addElement('password', 'password2', $strpasswordagain);
78 $mform->addRule('password2', get_string('required'), 'required', null, 'client');
79 $mform->setType('password2', PARAM_RAW
);
81 $this->add_action_buttons(true);
85 * Perform extra password change validation.
86 * @param array $data submitted form fields.
87 * @param array $files submitted with the form.
88 * @return array errors occuring during validation.
90 public function validation($data, $files) {
91 $user = $this->_customdata
;
93 $errors = parent
::validation($data, $files);
95 // Ignore submitted username.
96 if ($data['password'] !== $data['password2']) {
97 $errors['password'] = get_string('passwordsdiffer');
98 $errors['password2'] = get_string('passwordsdiffer');
102 $errmsg = ''; // Prevents eclipse warnings.
103 if (!check_password_policy($data['password'], $errmsg)) {
104 $errors['password'] = $errmsg;
105 $errors['password2'] = $errmsg;
109 if (user_is_previously_used_password($user->id
, $data['password'])) {
110 $errors['password'] = get_string('errorpasswordreused', 'core_auth');
111 $errors['password2'] = get_string('errorpasswordreused', 'core_auth');