function password_policy_user_login in Password Policy 7
Implements hook_user_login().
File
- ./
password_policy.module, line 379 - Allows enforcing restrictions on user passwords by defining policies.
Code
function password_policy_user_login(&$edit, $account) {
$roles = is_array($account->roles) ? array_keys($account->roles) : array();
$policy = _password_policy_load_active_policy($roles, $account);
// A value $edit['name'] is NULL for a one time login.
if ($policy && (!empty($account->uid) && $account->uid > 1 || variable_get('password_policy_admin', 1)) && !empty($edit['values']['name'])) {
// Calculate expiration and warning times.
$expiration = $policy['expiration'];
$warning = empty($policy['warning']) ? 0 : max(explode(',', $policy['warning']));
$expiration_seconds = $expiration * (60 * 60 * 24);
$warning_seconds = $warning * (60 * 60 * 24);
// The policy was enabled.
$policy_start = $policy['created'];
if (variable_get('password_policy_begin', 0) == 1) {
$policy_start -= $expiration_seconds;
}
if (!empty($expiration)) {
// Account expiration is active.
// Get the last password change time.
$last_change = db_query_range('SELECT created FROM {password_policy_history} WHERE uid = :uid ORDER BY created DESC', 0, 1, array(
':uid' => $account->uid,
))
->fetchField();
if (empty($last_change)) {
// User has not changed their password since this module was enabled.
$last_change = _password_policy_get_user_created_time($account);
}
$time = _password_policy_get_request_time();
if ($time > max($policy_start, $last_change) + $expiration_seconds) {
if (variable_get('password_policy_block', 0) == 0) {
$cron_blocked = db_query_range('SELECT blocked FROM {password_policy_expiration} WHERE uid = :uid ORDER BY blocked DESC', 0, 1, array(
':uid' => $account->uid,
))
->fetchField();
if ($cron_blocked > _password_policy_get_user_login_time($account)) {
// User is blocked immediately and cannot change their password
// after expiration.
_password_policy_block_account($account);
}
}
else {
// Redirect user and let password force change handle.
db_update('password_policy_force_change')
->fields(array(
'force_change' => 1,
))
->condition('uid', $account->uid)
->execute();
_password_policy_set_password_change_forced_message();
_password_policy_go_to_password_change_page();
}
}
elseif ($time > max($policy_start, $last_change) + $expiration_seconds - $warning_seconds) {
// The warning is shown on login and the user is transferred to the
// password change page.
$days_left = ceil((max($policy_start, $last_change) + $expiration_seconds - $time) / (60 * 60 * 24));
drupal_set_message(format_plural($days_left, 'Your password will expire in less than one day. Please change it.', 'Your password will expire in less than @count days. Please change it.'));
_password_policy_go_to_password_change_page();
}
}
}
}