function security_questions_pass_reset_validate_answer in Security Questions 6

Same name and namespace in other branches

1. 7 security_questions.module \security_questions_pass_reset_validate_answer()

Validation handler for security_questions_form_user_pass_alter().

1 string reference to 'security_questions_pass_reset_validate_answer'

security_questions_form_user_pass_alter in ./security_questions.module

Implements hook_form_FORM_ID_alter() for user_pass().

File

./security_questions.module, line 1065

Main module file for security_questions.

Code

function security_questions_pass_reset_validate_answer(&$form, &$form_state) {
  $sq_id = $_SESSION['security_question'];
  $uid = $_SESSION['security_questions']['account']->uid;

  // Get answer from database.
  $answer = db_fetch_object(db_query('SELECT user_answer FROM {security_questions_answers}
                        WHERE uid = %d AND security_question_id = %d', $uid, $sq_id));

  // Grab the user provided answer from the form, and from the database.
  $user_answer = _security_questions_clean_answer($form_state['values']['security_answer'], ' .!');
  $db_answer = _security_questions_clean_answer($answer->user_answer, ' .!');

  // Check to see if the user's answers match.
  if ($user_answer != $db_answer) {

    // Instead of showing the same question, randomly pick a new one
    // when a wrong answer is submitted.
    drupal_set_message(t("That's not it... Here's a new question:"), 'error');
    $form_state['rebuild'] = TRUE;
  }
  else {
    $form_state['values']['account'] = $_SESSION['security_questions']['account'];
    $form_state['redirect'] = 'user';
    unset($_SESSION['security_questions']);
  }
}