Merge branch 'wip-MDL-30336-MOODLE_20_STABLE' of git://github.com/abg…

…reeve/moodle into MOODLE_20_STABLE
moodle · Dec 8, 2011 · ff6a1ff · ff6a1ff
2 parents 9217c1a + 6c91ae7
commit ff6a1ff
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 2 deletions.
diff --git a/admin/settings/security.php b/admin/settings/security.php
@@ -83,6 +83,7 @@
     $temp->add(new admin_setting_configcheckbox('cookiesecure', get_string('cookiesecure', 'admin'), get_string('configcookiesecure', 'admin'), 0));
     $temp->add(new admin_setting_configcheckbox('cookiehttponly', get_string('cookiehttponly', 'admin'), get_string('configcookiehttponly', 'admin'), 0));
     $temp->add(new admin_setting_configtext('excludeoldflashclients', get_string('excludeoldflashclients', 'admin'), get_string('configexcludeoldflashclients', 'admin'), '10.0.12', PARAM_TEXT));
+    $temp->add(new admin_setting_configcheckbox('loginpasswordautocomplete', get_string('loginpasswordautocomplete', 'admin'), get_string('loginpasswordautocomplete_help', 'admin'), 0));
     $ADMIN->add('security', $temp);
 
 

diff --git a/blocks/login/block_login.php b/blocks/login/block_login.php
@@ -48,7 +48,12 @@ function get_content () {
             $this->content->text .= '<input type="text" name="username" id="login_username" value="'.s($username).'" /></div>';
 
             $this->content->text .= '<div class="c1 fld password"><label for="login_password">'.get_string('password').'</label>';
-            $this->content->text .= '<input type="password" name="password" id="login_password" value="" /></div>';
+
+            if (!empty($CFG->loginpasswordautocomplete)) {
+                $this->content->text .= '<input type="password" name="password" id="login_password" value="" autocomplete="off" /></div>';
+            } else {
+                $this->content->text .= '<input type="password" name="password" id="login_password" value="" /></div>';
+            }
 
             $this->content->text .= '<div class="c1 btn"><input type="submit" value="'.get_string('login').'" /></div>';
 

diff --git a/lang/en/admin.php b/lang/en/admin.php
@@ -675,6 +675,8 @@
 $string['logguests'] = 'Log guest access';
 $string['logguests_help'] = 'This setting enables logging of actions by guest account and not logged in users. High profile sites may want to disable this logging for performance reasons. It is recommended to keep this setting enabled on production sites.';
 $string['loginhttps'] = 'Use HTTPS for logins';
+$string['loginpasswordautocomplete'] = 'Prevent password autocompletion on login form.';
+$string['loginpasswordautocomplete_help'] = 'Having this off will let users save their account password in their browser. Switching this setting on will result in your site no longer following XHTML strict validation rules.';
 $string['loglifetime'] = 'Keep logs for';
 $string['longtimewarning'] = '<b>Please note that this process can take a long time.</b>';
 $string['mail'] = 'Email';

diff --git a/login/index_form.html b/login/index_form.html
@@ -40,7 +40,7 @@ <h2><?php print_string("returningtosite") ?></h2>
             <div class="clearer"><!-- --></div>
             <div class="form-label"><label for="password"><?php print_string("password") ?></label></div>
             <div class="form-input">
-              <input type="password" name="password" id="password" size="15" value="" />
+              <input type="password" name="password" id="password" size="15" value="" <?php if (!empty($CFG->loginpasswordautocomplete)) {echo 'autocomplete="off"';} ?> />
               <input type="submit" id="loginbtn" value="<?php print_string("login") ?>" />
               <div class="forgetpass"><a href="forgot_password.php"><?php print_string("forgotten") ?></a></div>
             </div>