<?php
/**
 * Implementation of hook_perm() (going by the Drupal 6 hook naming scheme).
 *
 * @return array
 *   The single permission string this module defines. The same string is used
 *   as the access argument of both menu paths and in the user_access() check
 *   on the user profile form.
 */
function force_password_change_perm() {
  $permissions = array();
  $permissions[] = 'Administer force password change';
  return $permissions;
}
/**
 * Implementation of hook_menu() (going by the Drupal 6 hook naming scheme).
 *
 * Registers two paths, both with 'Administer force password change' as their
 * access argument and both served from force_password_change_pages.inc:
 * - admin/user/force_password_change: the settings form.
 * - force_password_change/list/%: a callback that receives path segment 2.
 *
 * @return array
 *   Menu item definitions keyed by path.
 */
function force_password_change_menu() {
  // Both items share the same permission gate and include file.
  $admin_access = array('Administer force password change');
  $pages_file = 'force_password_change_pages.inc';

  return array(
    'admin/user/force_password_change' => array(
      'title' => 'Force password change',
      'page callback' => 'drupal_get_form',
      'page arguments' => array('force_password_change_settings'),
      'access arguments' => $admin_access,
      'file' => $pages_file,
    ),
    'force_password_change/list/%' => array(
      'title' => 'dummy title. Does not need translation',
      'page callback' => 'force_password_change_list',
      // Index 2 is the '%' wildcard segment of the path.
      'page arguments' => array(2),
      'access arguments' => $admin_access,
      'file' => $pages_file,
      'type' => MENU_CALLBACK,
    ),
  );
}
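/**
 * Implementation of hook_init() (going by the Drupal 6 hook naming scheme).
 *
 * When the current user carries a pending forced password change, every
 * request except the change-password page and the logout path is redirected
 * to the change-password page, with the requested path kept as 'destination'.
 *
 * NOTE(review): this redirect is the only enforcement visible in this file;
 * entry points that do not run this hook would not be covered - confirm
 * against the site's other front controllers.
 */
function force_password_change_init() {
  global $user;

  // The flag may be missing on some account objects (presumably anonymous
  // visitors - confirm), so test it with empty() instead of reading it raw.
  if (empty($user->force_password_change)) {
    return;
  }

  // '!uid' in the configured URL is a literal token, so a plain string
  // replacement is enough; no regular expression is needed.
  $change_password_url = str_replace('!uid', $user->uid, variable_get('change_password_url', 'user/!uid/edit'));
  $current_path = $_GET['q'];

  if ($current_path != $change_password_url && $current_path != drupal_get_path_alias('logout')) {
    drupal_set_message(t('An administrator has required that you change your password. You must change your password to proceed on the site.'), 'error', FALSE);
    // The requested path is request data: encode it so characters such as
    // '&', '#' or '=' cannot split the query string or add extra parameters
    // to the redirect URL.
    // NOTE(review): drupal_goto() gives precedence to a 'destination' already
    // present in the request; verify that this cannot cause a redirect loop.
    drupal_goto($change_password_url, 'destination=' . urlencode($current_path));
  }
}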
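/**
 * Implementation of hook_user() (going by the Drupal 6 hook naming scheme).
 *
 * Handles these operations:
 * - validate: a user with a pending forced change who edits their own account
 *   must supply a password, and it must differ from the stored one.
 * - register: returns the "force on first login" checkbox unless the site-wide
 *   first_time_login_password_change variable is set.
 * - update: clears the pending flag when the user saves their own account, and
 *   sets it when the submitted values ask for a forced change.
 * - insert: creates the tracking row and sets the flag when required.
 * - delete: removes the tracking row.
 *
 * @param string $op
 *   The operation being performed.
 * @param array $edit
 *   Submitted values; 'force_password_change' is removed from it after use.
 * @param object $account
 *   The account being acted on.
 * @param string|null $category
 *   Unused here.
 *
 * @return array|null
 *   Form elements for the 'register' operation, nothing otherwise.
 */
function force_password_change_user($op, &$edit, &$account, $category = NULL) {
  global $user;

  switch ($op) {
    case 'validate':
      // Only applies when the affected user edits their own account.
      if (!empty($account->force_password_change) && $account->uid == $user->uid) {
        if (!isset($edit['pass']) || $edit['pass'] == '') {
          form_set_error('password', t('You must choose a new password'));
        }
        else {
          // The string placeholder is wrapped in single quotes: a double-quoted
          // literal is MySQL-specific and is read as an identifier by databases
          // that follow the SQL standard.
          // NOTE(review): comparing md5() of the new password only matches the
          // stored value if the site keeps unsalted MD5 in {users}.pass
          // (presumably stock Drupal 6). With any other hashing scheme this
          // reuse check would silently never match - confirm.
          $password_same = db_result(db_query("SELECT 1 FROM {users} WHERE uid = %d AND pass = '%s'", $account->uid, md5($edit['pass'])));
          if ($password_same) {
            form_set_error('password', t('You cannot use your current password. Please choose something different.'));
          }
        }
      }
      break;

    case 'register':
      $form = array();
      // The checkbox is redundant when every new account is forced anyway.
      // NOTE(review): no permission check is made here, so the checkbox is
      // presumably also offered on self-registration - confirm that is wanted.
      if (!variable_get('first_time_login_password_change', FALSE)) {
        $form['force_password_change'] = array(
          '#type' => 'checkbox',
          '#title' => t('Force password change on first-time login'),
          '#description' => t('If this box is checked, the user will be forced to change their password on their first login.'),
        );
      }
      return $form;

    case 'update':
      // 'pending_force_password_change' is the server-side value element that
      // this module adds to the user profile form.
      // NOTE(review): the flag is cleared without re-checking that a new
      // password is present in $edit; this relies on the 'validate' operation
      // having run for the same submission.
      if (!empty($account->force_password_change) && $user->uid == $account->uid && isset($edit['pending_force_password_change'])) {
        db_query('UPDATE {users} SET force_password_change = 0 WHERE uid = %d', $account->uid);
        db_query('UPDATE {force_password_change_users} SET last_password_change = %d WHERE uid = %d', time(), $account->uid);
        $forced_uids = variable_get('force_password_change_first_time_uids', array());
        if (count($forced_uids)) {
          unset($forced_uids[$account->uid]);
          variable_set('force_password_change_first_time_uids', $forced_uids);
        }
      }
      // The key is absent whenever the checkbox was not part of the form.
      if (!empty($edit['force_password_change'])) {
        db_query('UPDATE {users} SET force_password_change = 1 WHERE uid = %d', $account->uid);
        db_query('UPDATE {force_password_change_users} SET last_force = %d WHERE uid = %d', time(), $account->uid);
        unset($edit['force_password_change']);
      }
      break;

    case 'insert':
      db_query('INSERT INTO {force_password_change_users} (uid) VALUES (%d)', $account->uid);
      if (variable_get('first_time_login_password_change', 0)) {
        db_query('UPDATE {users} SET force_password_change = 1 WHERE uid = %d', $account->uid);
      }
      elseif (!empty($edit['force_password_change'])) {
        db_query('UPDATE {users} SET force_password_change = 1 WHERE uid = %d', $account->uid);
        // Remember accounts that were individually flagged at creation time.
        $forced_uids = variable_get('force_password_change_first_time_uids', array());
        $forced_uids[$account->uid] = $account->uid;
        variable_set('force_password_change_first_time_uids', $forced_uids);
      }
      unset($edit['force_password_change']);
      break;

    case 'delete':
      db_query('DELETE FROM {force_password_change_users} WHERE uid = %d', $account->uid);
      break;
  }
}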
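/**
 * Implementation of hook_form_alter() (going by the Drupal 6 naming scheme).
 *
 * - user_admin_new_role: adds a submit handler and a theme entry.
 * - user_admin_role: adds the one-shot "force this role" checkbox and its
 *   submit handler.
 * - user_profile_form: for users with 'Administer force password change',
 *   regroups the password field, adds the per-user trigger checkbox (never on
 *   the administrator's own account) and a block of password statistics. For
 *   every user it stores the pending flag as a server-side value element.
 * - user_register: regroups the password field and the registration checkbox.
 *
 * NOTE(review): the user_admin_role checkbox is added without the
 * user_access() check that the user_profile_form branch performs, so anyone
 * who can reach that form can trigger a forced change - confirm intended.
 *
 * @param array $form
 *   The form being altered.
 * @param array $form_state
 *   Unused here.
 * @param string $form_id
 *   Identifies which form is being built.
 */
function force_password_change_form_alter(&$form, &$form_state, $form_id) {
  if ($form_id == 'user_admin_new_role') {
    $form['#submit'][] = 'force_password_change_add_role';
    $form['#theme'][] = 'force_password_change_new_role_form';
  }
  elseif ($form_id == 'user_admin_role') {
    $form['force_password_change'] = array(
      '#type' => 'checkbox',
      '#title' => t('Force users in this role to change their password'),
      '#description' => t('Users who are not signed in will be required to change their password immediately upon sign in. Users who are currently signed in will be required to change their password upon their next page click, but after changing their password will be redirected back to the page they were attempting to access.') . '<br />' . t('Note: When you return to this page, this box will be unchecked. This is because this setting is a trigger, not a persistant state.'),
      '#weight' => -1,
    );
    $form['name']['#weight'] = -2;
    $form['#submit'][] = 'force_password_change_administer_role';
  }
  elseif ($form_id == 'user_profile_form') {
    global $user;
    // The account being edited, as stored on the form.
    $edited_account = $form['_account']['#value'];

    if (user_access('Administer force password change', $user)) {
      $form['account']['name']['#weight'] = -2;
      $form['account']['mail']['#weight'] = -1;
      $form['account']['password']['#weight'] = -1;
      // Move the password element into its own group.
      $form['account']['password']['pass'] = $form['account']['pass'];
      unset($form['account']['pass']);

      // Administrators cannot trigger a forced change on their own account.
      if ($user->uid != $edited_account->uid) {
        $form['account']['password']['force_password_change'] = array(
          '#type' => 'checkbox',
          '#title' => t('Force this user to change their password'),
          '#description' => t('If this box is checked, the user will be forced to change their password. If the user is signed in, they will be forced to change their password on their next page load. If they are not signed in, they will be forced to change their password the next time they log in.') . '<br />' . t('Note: This box will be unchecked each time the page is loaded, as it is a trigger, not a persistent state.'),
        );
      }

      $force_password_data = db_fetch_array(db_query('SELECT last_password_change, last_force FROM {force_password_change_users} WHERE uid = %d', $edited_account->uid));

      // Every piece of the markup below comes from t() or format_date(); no
      // submitted value is concatenated into it.
      $password_stats = '<p><strong>' . t('Password Stats:') . '</strong></p>';
      $password_stats .= '<ul>';
      $password_stats .= '<li>' . t('User has a pending forced password change:') . ' ';
      // Parentheses are required: '.' binds tighter than '?:', so without them
      // the closing tag was appended to the 'No' branch only.
      $password_stats .= ($edited_account->force_password_change ? t('Yes') : t('No')) . '</li>';
      $password_stats .= '<li>' . t("User was last forced to change their password on:") . ' ';
      if ($force_password_data['last_force'] != '') {
        $last_force = format_date($force_password_data['last_force'], 'small');
      }
      elseif (variable_get('first_time_login_password_change', FALSE) && $edited_account->created > variable_get('force_password_change_installation_date', 0)) {
        $last_force = t('Their first login');
      }
      else {
        $forced_uids = variable_get('force_password_change_first_time_uids', array());
        if (count($forced_uids) && isset($forced_uids[$edited_account->uid])) {
          $last_force = t('Their first login');
        }
        elseif ($force_password_data['last_password_change'] != '') {
          $last_force = t('Their first login');
        }
        else {
          $last_force = t('Never');
        }
      }
      $password_stats .= $last_force . '</li>';
      $password_stats .= '<li>' . t('User last changed their password on:') . ' ';
      $password_stats .= $force_password_data['last_password_change'] != '' ? format_date($force_password_data['last_password_change'], 'small') : t('Never');
      $password_stats .= '</li>';
      $password_stats .= '</ul>';
      $form['account']['password']['password_stats'] = array(
        '#value' => $password_stats,
      );
    }

    // A '#type' => 'value' element is kept server-side and not rendered, so
    // the flag seen by the 'update' operation does not come from the browser.
    $form['pending_force_password_change'] = array(
      '#type' => 'value',
      '#value' => $edited_account->force_password_change,
    );
  }

  if ($form_id == 'user_register') {
    $form['account']['name']['#weight'] = -2;
    $form['account']['mail']['#weight'] = -1;
    $form['account']['password']['#weight'] = -1;
    $form['account']['password']['pass'] = $form['account']['pass'];
    // The checkbox is not offered when first_time_login_password_change is
    // set, so only move it when it exists.
    if (isset($form['force_password_change'])) {
      $form['account']['password']['force_password_change'] = $form['force_password_change'];
    }
    unset($form['account']['pass']);
    unset($form['force_password_change']);
  }
}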
/**
 * Implementation of hook_theme() (going by the Drupal 6 hook naming scheme).
 *
 * @return array
 *   Two theme entries, each taking a single 'form' argument and each located
 *   in force_password_change_pages.inc.
 */
function force_password_change_theme() {
  $theme_hooks = array();
  $hook_names = array(
    'force_password_change_new_role_form',
    'force_password_change_settings',
  );
  // Both entries have the same definition; only the key differs.
  foreach ($hook_names as $hook_name) {
    $theme_hooks[$hook_name] = array(
      'arguments' => array('form' => NULL),
      'file' => 'force_password_change_pages.inc',
    );
  }
  return $theme_hooks;
}
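/**
 * Submit handler added to the user_admin_new_role form.
 *
 * Looks up the id of the role named in the submission and adds a tracking row
 * for it to {force_password_change_roles}.
 *
 * @param array $form
 *   Unused here.
 * @param array $form_state
 *   Reads $form_state['values']['name'], the submitted role name.
 */
function force_password_change_add_role($form, &$form_state) {
  // The role name is submitted text. It is passed as a query argument, and the
  // placeholder uses single quotes because a double-quoted literal is
  // MySQL-specific.
  $rid = db_result(db_query("SELECT rid FROM {role} WHERE name = '%s'", $form_state['values']['name']));

  // Without a matching role the lookup yields no id; skip the insert instead
  // of recording a row for rid 0.
  if ($rid) {
    db_query('INSERT INTO {force_password_change_roles} (rid) VALUES (%d)', $rid);
  }
}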
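/**
 * Submit handler added to the user_admin_role form.
 *
 * On "delete" the role's tracking row is removed. On "submit" with the
 * checkbox ticked, every user in the role is flagged for a forced password
 * change and the time is recorded per user and per role.
 *
 * NOTE(review): this handler does not itself check the
 * 'Administer force password change' permission; it relies on access to the
 * role form - confirm that this is the intended gate.
 *
 * @param array $form
 *   Unused here.
 * @param array $form_state
 *   Reads 'op', 'delete', 'submit', 'rid' and 'force_password_change' from
 *   $form_state['values'].
 */
function force_password_change_administer_role($form, &$form_state) {
  $values = $form_state['values'];

  if ($values['op'] == $values['delete']) {
    db_query('DELETE FROM {force_password_change_roles} WHERE rid = %d', $values['rid']);
  }
  elseif ($values['op'] == $values['submit'] && !empty($values['force_password_change'])) {
    $now = time();

    $uids = array();
    $role_members = db_query('SELECT uid FROM {users_roles} WHERE rid = %d', $values['rid']);
    while ($row = db_fetch_array($role_members)) {
      $uids[] = (int) $row['uid'];
    }

    if (count($uids)) {
      // One integer placeholder per id: an unquoted %s would place the joined
      // list into the statement as raw text, which is only safe for as long as
      // every element is known to be numeric.
      $placeholders = db_placeholders($uids, 'int');
      db_query('UPDATE {users} SET force_password_change = 1 WHERE uid IN (' . $placeholders . ')', $uids);
      db_query('UPDATE {force_password_change_users} SET last_force = %d WHERE uid IN (' . $placeholders . ')', array_merge(array($now), $uids));
    }

    db_query('UPDATE {force_password_change_roles} SET last_force = %d WHERE rid = %d', $now, $values['rid']);
    drupal_set_message(t('Users in this role will be required to immediately change their password'));
  }
}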