You are here

function ldapauth_form_alter in LDAP integration 5

Same name and namespace in other branches
  1. 5.2 ldapauth.module \ldapauth_form_alter()
  2. 6 ldapauth.module \ldapauth_form_alter()

File

./ldapauth.module, line 797

Code

function ldapauth_form_alter($form_id, &$form) {
  global $user;
  if (isset($form['#validate']['user_login_validate'])) {
    $form['#validate'] = array(
      'ldapauth_login_validate' => array(),
    );
  }

  // Rewrite forms regarding user administration
  switch ($form_id) {
    case 'user_login_block':

      // Since form only available when not logged in, no need to check for admin?
      if (variable_get('ldap_disable_request_new_password', FALSE)) {
        unset($form['links']);
      }
      break;
    case 'user_pass':
      $opt = variable_get('ldap_alter_reset_form', LDAP_RESET_FORM_NO);
      if ($opt != LDAP_RESET_FORM_NO && variable_get('ldap_user_pass_form', FALSE)) {
        if ($opt == LDAP_RESET_FORM_OVERWRITE) {
          $form = array(
            '#value' => t(variable_get('ldap_user_pass_form', '<h2>Form disabled by administrator.</h2>')),
          );
        }
        else {
          $form_stub = array(
            array(
              '#value' => t(variable_get('ldap_user_pass_form', '<h2>Form disabled by administrator.</h2>')),
            ),
          );
          $form = array_merge($form_stub, $form);
        }
      }
      break;
    case 'user_edit':

      // Check for UI changes if ldap user
      if ($user->ldap_authentified) {
        if (variable_get('ldap_disable_user_request_password', FALSE)) {
          unset($form['account']['pass']);
        }
        $opt = variable_get('ldap_alter_email_field', LDAP_EMAIL_FIELD_NO);
        if ($opt != LDAP_EMAIL_FIELD_NO) {
          if ($opt == LDAP_EMAIL_FIELD_REMOVE) {

            // Cannot just remove field because is built into Drupal as required
            $form['account']['mail']['#type'] = 'hidden';
            $form['account']['mail']['#attributes']['READONLY'] = 'READONLY';
            $form['account']['mail']['#value'] = $form['account']['mail']['#default_value'];
          }
          else {

            // To prevent a user from getting stuck if they have no ldap email, switching
            // to readonly which is similar to 'DISABLED' except the default value will be submitted
            $form['account']['mail']['#attributes']['READONLY'] = 'READONLY';
          }
        }

        // Remove fieldset if empty
        if (key_exists('account', $form) && !key_exists('pass', $form['account']) && key_exists('mail', $form['account']) && $form['account']['mail']['#type'] == 'hidden') {

          // First make sure no one else added any unexpected form fields
          foreach ($form['account'] as $key => $value) {
            if (substr($key, 0, 1) != '#' && !($key == 'mail' || $key == 'pass')) {

              // A key that isn't an attribute, 'mail', or 'pass' found; break to avoid removing fieldset
              break;
            }
          }

          // No other fields, preserve mail and nuke fieldset
          $form['mail'] = $form['account']['mail'];
          unset($form['account']);
        }
      }
      break;
  }
}