From dd6228f5d7b3be433276bcdb25943792490e1d31 Mon Sep 17 00:00:00 2001
From: dave <dave>
Date: Thu, 15 Jul 2010 09:17:59 +0000
Subject: [PATCH] Implement password expired, force the user to set a new
 password.

---
 user.inc.php     |  2 +-
 user_account.php | 16 +++++++++++-----
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/user.inc.php b/user.inc.php
index a3d819d..2609211 100644
--- a/user.inc.php
+++ b/user.inc.php
@@ -547,7 +547,7 @@ function user_auth_required($all_required, $one_required = array())
 	/* Forward to password expired, remember the target URI */
 	if($_SESSION['password_expired'] == true) {
 		$_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
-		header("location: {$config['SFIABDIRECTORY']}/user_password.php");
+		header("location: {$config['SFIABDIRECTORY']}/user_account.php");
 		exit;
 	}
 
diff --git a/user_account.php b/user_account.php
index 64e4d03..5ea679e 100644
--- a/user_account.php
+++ b/user_account.php
@@ -150,15 +150,15 @@ case 'save':
  $a = account_load($accounts_id);
 
  $d = '';
-
  $email = $a['email'];
  $username_link = ($a['link_username_to_email'] == 'yes') ? 'checked="checked"' : '';
  $username = $email;
- $ud = 'disabled="disabled"';
+ $_SESSION['password_expired'] = true;
 
  if($_SESSION['password_expired'] == true) {
- 	echo info(i18n('Your password has expired.  You must choose a new password now.'));
+ 	echo notice(i18n('Your password has expired.  You must choose a new password now.'));
 	$d = 'disabled="disabled"';
+	$validator_passreq = 'required: true,';
  }
 
 ?>
@@ -269,10 +269,12 @@ $().ready(function() {
 				minlength: 4
 			},
 			pass1: {
+				<?=$validator_passreq?>
 				minlength: 6,
 				maxlength: 32
 			},
 			pass2: {
+				<?=$validator_passreq?>
 				minlength: 6,
 				maxlength: 32,
 				equalTo: "#pass1"
@@ -291,10 +293,12 @@ $().ready(function() {
 				checking: "Checking..."
 			},
 			pass1: {
+				required: "Please enter a password",
 				minlength: "Your password must be at least 6 characters long",
 				maxlength: "Your password must be at most 32 characters long"
 			},
 			pass2: {
+				required: "Please confirm the password",
 				minlength: "Your password must be at least 6 characters long",
 				maxlength: "Your password must be at most 32 characters long",
 				equalTo: "Please enter the same password as above"
@@ -305,7 +309,8 @@ $().ready(function() {
 		}
 	});
 
-	/* Code to disable the username box */
+<? if($_SESSION['password_expired'] == false) { ?>
+	/* Code to disable the username box, only included if the password hasn't expired */
 	var username_link = $("#username_link").is(":checked");
 	$("#username").attr("disabled", username_link);
 	$("#username_link").click(function() {
@@ -313,11 +318,12 @@ $().ready(function() {
 		email_changed();
 		username_changed();
 	});
-
 	$("#email").change(email_changed);
 	$("#email").keyup(email_changed);
 	$("#username").change(username_changed);
 	$("#username").keyup(username_changed);
+
+<? } ?>
 	
 });
 </script>