function _password_policy_get_allowed_paths in Password Policy 7

Gets paths allowed when password change forced.

The allowed paths comprise configurable and non-configurable paths. Configurable paths can be changed by the administrator; non-configurable paths are built into the module and cannot be changed.

Modules can add, modify, or delete paths by implementing hook_password_policy_force_change_allowed_paths_alter(). For instance, a module could add the path of a JavaScript file needed for the page to behave properly. Implementors should consider the security implications of altering the paths. There is increased risk that allowed paths will be accessed by attackers.

Return value

string[] Array of path patterns in the form expected by the $patterns parameter of drupal_match_path().

1 call to _password_policy_get_allowed_paths()

_password_policy_is_path_allowed_when_password_change_forced in ./password_policy.module

Determines whether access to path allowed when user password change forced.

File

./password_policy.module, line 933

Allows enforcing restrictions on user passwords by defining policies.

Code

function _password_policy_get_allowed_paths() {
  $configurable_allowed_paths = _password_policy_get_configurable_allowed_paths();
  $nonconfigurable_allowed_paths = _password_policy_get_nonconfigurable_allowed_paths();
  $allowed_paths = array_merge($configurable_allowed_paths, $nonconfigurable_allowed_paths);
  drupal_alter('password_policy_force_change_allowed_paths', $allowed_paths);
  return array_unique($allowed_paths);
}