function recovery_pass_user_login_validate in Recovery Password (Email New Password) 7

Custom Submit handler for user login form.

Incase user tries to login using old pass then error msg is shown that pass has been reset, till user tries any other pass.

1 string reference to 'recovery_pass_user_login_validate'

recovery_pass_form_alter in ./recovery_pass.module

Implements hook_form_alter().

File

./recovery_pass.module, line 220

Alters default Drupal password recovery process by overriding default submit.

Code

function recovery_pass_user_login_validate($form, &$form_state) {
  $input_password = trim($form_state['values']['pass']);
  if (!empty($form_state['values']['name']) && !empty($input_password)) {
    $account = db_query("SELECT uid,pass FROM {users} WHERE name = :name AND status = 1", array(
      ':name' => $form_state['values']['name'],
    ))
      ->fetchObject();

    // Check uid exists in recovery_pass table.
    $result = db_select('recovery_pass', 'r')
      ->fields('r', array(
      'uid',
      'old_pass',
    ))
      ->condition('uid', (int) $account->uid)
      ->execute()
      ->fetchAssoc();
    if ($result) {

      // If uid exists in table.
      $old_password = $result['old_pass'];

      // Match input password with password stored in recovery_pass table.
      if (_recovery_pass_match_old_password($input_password, $old_password)) {
        drupal_set_message(_recovery_pass_mail_text('old_pass_warning'), 'warning', FALSE);
      }
      else {

        // Irrespective of the input password delete the entry.
        $entry_deleted = db_delete('recovery_pass')
          ->condition('uid', $result['uid'])
          ->execute();
        if (!$entry_deleted) {
          watchdog('recovery_pass', 'Error deleting entry from recovery_table for user @id', array(
            '@id' => $result['uid'],
          ), WATCHDOG_NOTICE, 'link');
        }
      }
    }
  }
}