mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-04-15 13:33:52 +02:00
Code Issues Projects Releases Wiki Activity

MDL-66123 core: check_password_policy takes $user argument

Browse Source
This commit is contained in:
[Peter Burnett] 2019-07-18 10:23:24 +10:00
parent f622ee97e3
commit ad9c96e531
8 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
admin/cli/reset_password.php
View File

@ -94,7 +94,7 @@ if ($options['password'] == '' ) {
$errmsg = '';//prevent eclipse warning
if (!$options['ignore-password-policy'] ) {
if (!check_password_policy($password, $errmsg)) {
if (!check_password_policy($password, $errmsg, $user)) {
cli_error(html_to_text($errmsg, 0));
}
}

4
admin/tool/uploaduser/index.php
View File

@ -668,7 +668,7 @@ if ($formdata = $mform2->is_cancelled()) {
// Check for passwords that we want to force users to reset next
// time they log in.
$errmsg = null;
$weak = !check_password_policy($user->password, $errmsg);
$weak = !check_password_policy($user->password, $errmsg, $user);
if ($resetpasswords == UU_PWRESET_ALL or ($resetpasswords == UU_PWRESET_WEAK and $weak)) {
if ($weak) {
$weakpasswords++;
@ -809,7 +809,7 @@ if ($formdata = $mform2->is_cancelled()) {
}
} else {
$errmsg = null;
$weak = !check_password_policy($user->password, $errmsg);
$weak = !check_password_policy($user->password, $errmsg, $user);
if ($resetpasswords == UU_PWRESET_ALL or ($resetpasswords == UU_PWRESET_WEAK and $weak)) {
if ($weak) {
$weakpasswords++;

10
lib/authlib.php
View File

@ -1044,8 +1044,16 @@ function signup_validate_data($data, $files) {
}
}
// Construct fake user object to check password policy against required information.
$tempuser = new stdClass();
$tempuser->id = 1;
$tempuser->username = $data['username'];
$tempuser->firstname = $data['firstname'];
$tempuser->lastname = $data['lastname'];
$tempuser->email = $data['email'];
$errmsg = '';
if (!check_password_policy($data['password'], $errmsg)) {
if (!check_password_policy($data['password'], $errmsg, $tempuser)) {
$errors['password'] = $errmsg;
}

5
lib/moodlelib.php
View File

@ -4939,9 +4939,10 @@ function get_complete_user_data($field, $value, $mnethostid = null, $throwexcept
*
* @param string $password the password to be checked against the password policy
* @param string $errmsg the error message to display when the password doesn't comply with the policy.
* @param stdClass $user the user object to perform password validation against. Defaults to null if not provided
* @return bool true if the password is valid according to the policy. false otherwise.
*/
function check_password_policy($password, &$errmsg) {
function check_password_policy($password, &$errmsg, $user = null) {
global $CFG;
if (!empty($CFG->passwordpolicy)) {
@ -4971,7 +4972,7 @@ function check_password_policy($password, &$errmsg) {
$pluginsfunction = get_plugins_with_function('check_password_policy');
foreach ($pluginsfunction as $plugintype => $plugins) {
foreach ($plugins as $pluginfunction) {
$pluginerr = $pluginfunction($password);
$pluginerr = $pluginfunction($password, $user);
if ($pluginerr) {
$errmsg .= '<div>'. $pluginerr .'</div>';
}

2
login/change_password_form.php
View File

@ -113,7 +113,7 @@ class login_change_password_form extends moodleform {
}
$errmsg = '';//prevents eclipse warnings
if (!check_password_policy($data['newpassword1'], $errmsg)) {
if (!check_password_policy($data['newpassword1'], $errmsg, $USER)) {
$errors['newpassword1'] = $errmsg;
$errors['newpassword2'] = $errmsg;
return $errors;

2
login/set_password_form.php
View File

@ -100,7 +100,7 @@ class login_set_password_form extends moodleform {
}
$errmsg = ''; // Prevents eclipse warnings.
if (!check_password_policy($data['password'], $errmsg)) {
if (!check_password_policy($data['password'], $errmsg, $user)) {
$errors['password'] = $errmsg;
$errors['password2'] = $errmsg;
return $errors;

2
user/editadvanced_form.php
View File

@ -266,7 +266,7 @@ class user_editadvanced_form extends moodleform {
} else {
if (!empty($usernew->newpassword)) {
$errmsg = ''; // Prevent eclipse warning.
if (!check_password_policy($usernew->newpassword, $errmsg)) {
if (!check_password_policy($usernew->newpassword, $errmsg, $usernew)) {
$err['newpassword'] = $errmsg;
}
} else if (!$user) {

4
user/lib.php
View File

@ -64,7 +64,7 @@ function user_create_user($user, $updatepassword = true, $triggerevent = true) {
if ($updatepassword && isset($user->password)) {
// Check password toward the password policy.
if (!check_password_policy($user->password, $errmsg)) {
if (!check_password_policy($user->password, $errmsg, $user)) {
throw new moodle_exception($errmsg);
}
@ -165,7 +165,7 @@ function user_update_user($user, $updatepassword = true, $triggerevent = true) {
if ($updatepassword && isset($user->password)) {
// Check password toward the password policy.
if (!check_password_policy($user->password, $errmsg)) {
if (!check_password_policy($user->password, $errmsg, $user)) {
throw new moodle_exception($errmsg);
}