function security_questions_user_login_validate_answer in Security Questions 7

Same name and namespace in other branches

1. 6 security_questions.module \security_questions_user_login_validate_answer()

Validation handler for security_questions_form_user_login_alter().

1 string reference to 'security_questions_user_login_validate_answer'

security_questions_form_user_login_alter in ./security_questions.module

Implements hook_form_FORM_ID_alter() for user_login().

File

./security_questions.module, line 891

Main module file for security_questions.

Code

function security_questions_user_login_validate_answer($form, &$form_state) {
  $errors = form_get_errors();
  if (!$errors) {

    // Get uid from form state.
    $uid = $form_state['uid'];

    // Get question from session.
    $sq_id = $_SESSION['security_question'];

    // Get answer from database.
    $answer = db_query('SELECT user_answer FROM {security_questions_answers}
                        WHERE uid = :uid AND security_question_id = :sqid', array(
      ':uid' => $uid,
      ':sqid' => $sq_id,
    ))
      ->fetchObject();

    // Grab the user provided answer from the form, and from the database.
    $user_answer = _security_questions_clean_answer($form_state['values']['security_answer'], ' .!');
    $db_answer = _security_questions_clean_answer($answer->user_answer, ' .!');

    // Check to see if the user's answers match.
    if ($user_answer != $db_answer) {

      // Instead of showing the same question, randomly pick a new one
      // when a wrong answer is submitted.
      drupal_set_message(t("That's not it... Here's a new question:"), 'error');
      $form_state['rebuild'] = TRUE;
    }

    // If cookies are enabled, set them.
    security_questions_set_cookie($uid, $form_state);
  }
}