MDL-14092: forcing imported users with a weak password to change it o…

…n first login.
moodle · Sep 26, 2008 · a17718a · a17718a
1 parent 9358613
commit a17718a
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/admin/uploaduser.php b/admin/uploaduser.php
@@ -150,6 +150,8 @@
     $renameerrors = 0;
     $usersskipped = 0;
 
+    $forcechangepassword = 0;
+
     // caches
     $ccache    = array(); // course cache - do not fetch all courses here, we  will not probably use them all anyway!
     $rolecache = array(); // roles lookup cache
@@ -201,6 +203,9 @@
                 if ($key == 'password') {
                     if ($value !== '') {
                         $user->password = hash_internal_user_password($value);
+                        if (!empty($CFG->passwordpolicy) and !check_password_policy($value, $errmsg)) {
+                            $forcechangepassword++;
+                        }
                     }
                 } else {
                     $user->$key = $value;
@@ -435,6 +440,9 @@
                             continue;
                         } else if (!empty($user->password)) {
                             $upt->track('password', get_string('updated'));
+                            if ($forcechangepassword) {
+                                set_user_preference('auth_forcepasswordchange', 1, $existinguser->id);
+                            }
                         }
                     }
                     if ((array_key_exists($column, $existinguser) and array_key_exists($column, $user)) or in_array($column, $PRF_FIELDS)) {
@@ -538,6 +546,9 @@
                     set_user_preference('auth_forcepasswordchange', 1, $user->id);
                     $upt->track('password', get_string('new'));
                 }
+                if ($forcechangepassword) {
+                    set_user_preference('auth_forcepasswordchange', 1, $user->id);
+                }
             } else {
                 // Record not added -- possibly some other error
                 $upt->track('status', $strusernotaddederror, 'error');
@@ -696,6 +707,7 @@
     if ($usersskipped) {
         echo get_string('usersskipped', 'admin').': '.$usersskipped.'<br />';
     }
+    echo get_string('usersweakpassword', 'admin').': '.$forcechangepassword.'<br />';
     echo get_string('errors', 'admin').': '.$userserrors.'</p>';
     print_box_end();
 
@@ -979,4 +991,4 @@ function uu_allowed_roles($shortname=false) {
 
     return $choices;
 }
-?>
+?>
diff --git a/lang/en_utf8/admin.php b/lang/en_utf8/admin.php
@@ -742,6 +742,7 @@
 $string['users'] = 'Users';
 $string['userscreated'] = 'Users created';
 $string['usersdeleted'] = 'Users deleted';
+$string['usersweakpassword'] = 'Users having a weak password';
 $string['usersrenamed'] = 'Users renamed';
 $string['usersskipped'] = 'Users skipped';
 $string['usersupdated'] = 'Users updated';