function History_Constraint::validate in Password Policy 5
Overrides Constraint::validate
File
- constraints/
constraint_history.php, line 8
Class
Code
function validate($plaintext_password, $user = NULL) {
if (!$this->minimumConstraintValue) {
return 1;
}
if (!empty($user) && !empty($user->uid)) {
// note that we specify a limit of the window size, but may not get that if the history isn't there.
$result = db_query_range("SELECT * FROM {password_policy_users} WHERE uid = %d ORDER BY created DESC", $user->uid, 0, $this->minimumConstraintValue);
$recordedHistorySize = db_num_rows($result);
// if we don't have the history required to match the constraint history size, then reduce the history size to
// match the available history. This allows the constraint to work minimally until enough history has been
// gathered to operate fully.
$testSize = min($this->minimumConstraintValue, $recordedHistorySize);
$count = 0;
$passwordToCompare = md5($plaintext_password);
$failed = FALSE;
while ($values = db_fetch_array($result)) {
// if we found one password which matches, then we've failed
if ($values['pass'] == $passwordToCompare) {
$failed = TRUE;
}
}
return !$failed;
}
return TRUE;
}