You are here

Home » API reference » Password Policy 7 » password_policy.module

function password_policy_form_alter in Password Policy 7

Same name and namespace in other branches
  1. 6 password_policy.module \password_policy_form_alter()
  2. 7.2 password_policy.module \password_policy_form_alter()

Implements hook_form_alter().

File

./password_policy.module, line 464
Allows enforcing restrictions on user passwords by defining policies.

Code

function password_policy_form_alter(&$form, &$form_state, $form_id) {
  global $user;
  if (_password_policy_has_account_password_element($form)) {

    // Timing issues require reloading the user object to get the
    // password_change property set.
    $account = user_load($user->uid);

    // Force password change on user account.
    if (user_access('force password change')) {
      if (isset($form['#user_category']) && $form['#user_category'] == 'account') {
        $force_change = db_query_range('SELECT force_change FROM {password_policy_force_change} WHERE uid=:uid', 0, 1, array(
          ':uid' => $form['#user']->uid,
        ))
          ->fetchField();

        // If we didn't get a valid result, use the default.
        if (is_null($force_change) || $force_change === FALSE) {
          $force_change = variable_get('password_policy_new_login_change', 0);
        }
        $form['password_policy'] = array(
          '#type' => 'fieldset',
          '#title' => t('Password settings'),
        );
        $form['password_policy']['force_password_change'] = array(
          '#type' => 'checkbox',
          '#title' => t('Force password change on next login'),
          '#description' => t('If already logged in, the user will be forced to change their password upon their next page request.'),
          '#default_value' => $force_change,
        );
      }
    }

    // Password change form.
    $account = $form['#user'];
    $roles = isset($account->roles) ? array_keys($account->roles) : array(
      DRUPAL_AUTHENTICATED_RID,
    );
    if ($form_id == 'user_register_form') {
      $roles = array(
        DRUPAL_AUTHENTICATED_RID,
      );
    }
    $policy = _password_policy_load_active_policy($roles, $account);
    $translate = array();
    if (!empty($policy['constraints'])) {

      // Some policy constraints are active.
      password_policy_add_policy_js($policy, $account, $form);
      foreach ($policy['constraints'] as $key => $value) {
        if ($value) {
          $translate['constraint_' . $key] = _password_policy_constraint_error($key, $value);
        }
      }
    }

    // Printing out the restrictions.
    if (variable_get('password_policy_show_restrictions', 0) && isset($translate) && (isset($form['pass']) || isset($form['account']['pass']))) {
      $restriction_html = '<div id="account-pass-restrictions">' . theme('item_list', array(
        'items' => array_values($translate),
        'title' => t('Password Requirements'),
      )) . '</div>';
      if (isset($form['account']) && is_array($form['account'])) {
        $form['account']['pass']['#prefix'] = $restriction_html;
      }
      else {
        $form['pass']['#prefix'] = $restriction_html;
      }
    }

    // Set a custom form validate and submit handlers.
    $form['#validate'][] = 'password_policy_password_validate';
  }
  if ($form_id == 'password_policy_password_tab') {
    $form['submit']['#weight'] = 10;
  }
}