function security_questions_settings_form in Security Questions 6.2
Same name and namespace in other branches
- 6 security_questions.module \security_questions_settings_form()
- 7.2 security_questions.admin.inc \security_questions_settings_form()
- 7 security_questions.module \security_questions_settings_form()
Security questions module settings form.
1 string reference to 'security_questions_settings_form'
- security_questions_menu in ./
security_questions.module - Implements hook_menu().
File
- ./
security_questions.admin.inc, line 110 - Administrative UI for the security questions module.
Code
function security_questions_settings_form(&$form_state) {
// Configure the number and type of questions.
$form['security_questions_number_required'] = array(
'#title' => t('Required number of questions'),
'#description' => t('The number of questions that users are required to have answered on their accounts.'),
'#type' => 'select',
'#default_value' => variable_get('security_questions_number_required', 3),
'#options' => drupal_map_assoc(array(
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
)),
);
$form['security_questions_user_questions'] = array(
'#title' => t('User-defined questions'),
'#description' => t('Allow users to create their own questions to answer.'),
'#type' => 'checkbox',
'#default_value' => variable_get('security_questions_user_questions', FALSE),
);
// Configure question challenges.
$form['challenges'] = array(
'#title' => t('Protected forms'),
'#description' => t('Users will be required to answer a security question when submitting one of the forms selected below.'),
'#type' => 'fieldset',
'#collapsible' => FALSE,
);
$form['challenges']['security_questions_password_reset'] = array(
'#title' => t('Password reset request'),
'#type' => 'checkbox',
'#default_value' => variable_get('security_questions_password_reset', FALSE),
);
$form['challenges']['security_questions_user_login'] = array(
'#title' => t('User login'),
'#type' => 'checkbox',
'#default_value' => variable_get('security_questions_user_login', FALSE),
);
$form['challenges']['security_questions_protection_mode'] = array(
'#title' => t('When should the question challenge occur during login?'),
'#description' => t("Note that if the question is asked before the password, malicious people may be able to guess a user's answer through social engineering, just by knowing the user's username."),
'#type' => 'radios',
'#default_value' => variable_get('security_questions_protection_mode', 'after'),
'#options' => array(
'after' => t('After entering both the username and the password'),
'before' => t('After entering the username, but before the password'),
),
);
$form['challenges']['security_questions_cookie'] = array(
'#title' => t('Show "remember this computer" option on protected forms'),
'#description' => t('If enabled, users will have the option to disable future question challenges for actions performed from the same computer.'),
'#type' => 'checkbox',
'#default_value' => variable_get('security_questions_cookie', FALSE),
);
$form['challenges']['security_questions_cookie_expire'] = array(
'#title' => t('Cookies expire after'),
'#description' => t('Controls how long a user is allowed to bypass question challenges after selecting the "remember this computer" option.'),
'#type' => 'select',
'#default_value' => variable_get('security_questions_cookie_expire', 604800),
'#options' => array(
0 => t('Never'),
) + drupal_map_assoc(array(
86400,
172800,
259200,
432000,
604800,
1209600,
2419200,
), 'format_interval') + array(
7776000 => t('3 months'),
),
);
// Configure flood control.
$form['flood'] = array(
'#title' => t('Flood control'),
'#type' => 'fieldset',
'#collapsible' => FALSE,
);
$form['flood']['security_questions_flood_expire'] = array(
'#title' => t('After giving an incorrect answer, for how long should a visitor be blocked from attempting that same question again?'),
'#description' => t("When a question is answered incorrectly, the visitor's IP address will be logged in the database, along with the question that was asked and the ID of the user account to which the visitor was trying to authenticate. The logged question will not be shown again to that IP for that user account until either the timeout period set here expires or the visitor answers a question correctly for that user account. If the visitor answers all of the user's questions incorrectly, access as that user will be denied to that IP for anything protected by security questions until the timeout expires for one or more questions."),
'#type' => 'select',
'#default_value' => variable_get('security_questions_flood_expire', 3600),
'#options' => array(
0 => t('No delay'),
) + drupal_map_assoc(array(
60,
300,
900,
1800,
3600,
10800,
21600,
43200,
86400,
604800,
), 'format_interval'),
);
return system_settings_form($form);
}