Better fix to change_password.php - primary admin can change their OW…

…N password, the form displays the error for other admins trying to change the primary password (before it failed silently) and external auth admin change password works too!

lang/en/moodle.php

@@ -33,6 +33,7 @@
 $string['addstudent'] = 'Add student';
 $string['addteacher'] = 'Add teacher';
 $string['admin'] = 'Admin';
+$string['adminprimarynoedit'] = 'You may not change the primary admin\'s password';
 $string['adminhelpaddnewuser'] = 'To manually create a new user account';
 $string['adminhelpassignadmins'] = 'Admins can do anything and go anywhere in the site';
 $string['adminhelpassigncreators'] = 'Creators can create new courses and teach in them';

login/change_password.php

@@ -137,6 +137,10 @@
  *****************************************************************************/
 function validate_form($frm, &$err) {
 
+    global $USER;
+
+    $validpw = authenticate_user_login($frm->username, $frm->password);
+
     if (empty($frm->username)){
         $err->username = get_string('missingusername');
     } else {
@@ -145,15 +149,15 @@ function validate_form($frm, &$err) {
         } else {  
             if (!isadmin()) {
                 //require non adminusers to give valid password
-                if(!authenticate_user_login($frm->username, $frm->password)) {
+                if(!$validpw) {
                     $err->password = get_string('wrongpassword');
                 }
             }
             else {
                 // don't allow anyone to change the primary admin's password
                 $mainadmin = get_admin();
-                if($frm->username == $mainadmin->username) {
-                    $err->password = get_string('adminprimarynoedit');
+                if($frm->username == $mainadmin->username && $mainadmin->id != $USER->id) { // the primary admin can change their own password!
+                    $err->username = get_string('adminprimarynoedit');
                 }
             }
         }