function security_questions_pass_reset_validate_answer in Security Questions 7

Same name and namespace in other branches

1. 6 security_questions.module \security_questions_pass_reset_validate_answer()

Validation handler for security_questions_form_user_pass_alter().

1 string reference to 'security_questions_pass_reset_validate_answer'

security_questions_form_user_pass_alter in ./security_questions.module

Implements hook_form_FORM_ID_alter() for user_pass().

File

./security_questions.module, line 1069

Main module file for security_questions.

Code

function security_questions_pass_reset_validate_answer(&$form, &$form_state) {
  $sq_id = $_SESSION['security_question'];
  $uid = $form_state['security_questions']['account']->uid;

  // Get answer from database.
  $answer = db_query('SELECT user_answer FROM {security_questions_answers}
                      WHERE uid = :uid AND security_question_id = :sqid', array(
    ':uid' => $uid,
    ':sqid' => $sq_id,
  ))
    ->fetchObject();

  // Grab the user provided answer from the form, and from the database.
  $user_answer = _security_questions_clean_answer($form_state['values']['security_answer'], ' .!');
  $db_answer = _security_questions_clean_answer($answer->user_answer, ' .!');

  // Check to see if the user's answers match.
  if ($user_answer != $db_answer) {

    // Instead of showing the same question, randomly pick a new one
    // when a wrong answer is submitted.
    drupal_set_message(t("That's not it... Here's a new question:"), 'error');
    $form_state['rebuild'] = TRUE;
  }
  else {
    $form_state['values']['account'] = $form_state['security_questions']['account'];
    unset($_SESSION['security_questions']);
  }
}