Example #1
0
 function validation($data, $files)
 {
     global $USER;
     $errors = parent::validation($data, $files);
     // ignore submitted username
     if (!($user = authenticate_user_login($USER->username, $data['password'], true))) {
         $errors['password'] = get_string('invalidlogin');
         return $errors;
     }
     if ($data['newpassword1'] != $data['newpassword2']) {
         $errors['newpassword1'] = get_string('passwordsdiffer');
         $errors['newpassword2'] = get_string('passwordsdiffer');
         return $errors;
     }
     if ($data['password'] == $data['newpassword1']) {
         $errors['newpassword1'] = get_string('mustchangepassword');
         $errors['newpassword2'] = get_string('mustchangepassword');
         return $errors;
     }
     if (user_is_previously_used_password($USER->id, $data['newpassword1'])) {
         $errors['newpassword1'] = get_string('errorpasswordreused', 'core_auth');
         $errors['newpassword2'] = get_string('errorpasswordreused', 'core_auth');
     }
     $errmsg = '';
     //prevents eclipse warnings
     if (!check_password_policy($data['newpassword1'], $errmsg)) {
         $errors['newpassword1'] = $errmsg;
         $errors['newpassword2'] = $errmsg;
         return $errors;
     }
     return $errors;
 }
Example #2
0
 /**
  * Test function user_add_password_history().
  */
 public function test_user_is_previously_used_password()
 {
     global $DB;
     $this->resetAfterTest();
     $user1 = $this->getDataGenerator()->create_user();
     $user2 = $this->getDataGenerator()->create_user();
     $DB->delete_records('user_password_history', array());
     set_config('passwordreuselimit', 0);
     user_add_password_history($user1->id, 'pokus');
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus'));
     set_config('passwordreuselimit', 3);
     user_add_password_history($user2->id, 'pokus1');
     user_add_password_history($user2->id, 'pokus2');
     user_add_password_history($user1->id, 'pokus1');
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus1'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus2'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus3'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus4'));
     user_add_password_history($user1->id, 'pokus2');
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus1'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus2'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus3'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus4'));
     user_add_password_history($user1->id, 'pokus3');
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus1'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus2'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus3'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus4'));
     user_add_password_history($user1->id, 'pokus4');
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus1'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus2'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus3'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus4'));
     set_config('passwordreuselimit', 2);
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus1'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus2'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus3'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus4'));
     set_config('passwordreuselimit', 3);
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus1'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus2'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus3'));
     $this->assertTrue(user_is_previously_used_password($user1->id, 'pokus4'));
     set_config('passwordreuselimit', 0);
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus1'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus2'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus3'));
     $this->assertFalse(user_is_previously_used_password($user1->id, 'pokus4'));
 }
Example #3
0
 /**
  * Perform extra password change validation.
  * @param array $data submitted form fields.
  * @param array $files submitted with the form.
  * @return array errors occuring during validation.
  */
 public function validation($data, $files)
 {
     $user = $this->_customdata;
     $errors = parent::validation($data, $files);
     // Ignore submitted username.
     if ($data['password'] !== $data['password2']) {
         $errors['password'] = get_string('passwordsdiffer');
         $errors['password2'] = get_string('passwordsdiffer');
         return $errors;
     }
     $errmsg = '';
     // Prevents eclipse warnings.
     if (!check_password_policy($data['password'], $errmsg)) {
         $errors['password'] = $errmsg;
         $errors['password2'] = $errmsg;
         return $errors;
     }
     if (user_is_previously_used_password($user->id, $data['password'])) {
         $errors['password'] = get_string('errorpasswordreused', 'core_auth');
         $errors['password2'] = get_string('errorpasswordreused', 'core_auth');
     }
     return $errors;
 }