diff options
author | Dries Buytaert <dries@buytaert.net> | 2010-12-11 02:13:56 +0000 |
---|---|---|
committer | Dries Buytaert <dries@buytaert.net> | 2010-12-11 02:13:56 +0000 |
commit | 15ec834950024902a4cae90dc3e189e07512f7e1 (patch) | |
tree | fa04ca22b5590c127dd1bca4a9c7059756ef11cc /modules | |
parent | c8a813f82ebdc9b77eedaa6abf9335aa96149752 (diff) | |
download | brdo-15ec834950024902a4cae90dc3e189e07512f7e1.tar.gz brdo-15ec834950024902a4cae90dc3e189e07512f7e1.tar.bz2 |
- Patch #991340 by alexpott: user_validate_current_pass() uses global and not the user object from the form.
Diffstat (limited to 'modules')
-rw-r--r-- | modules/user/user.module | 4 | ||||
-rw-r--r-- | modules/user/user.test | 45 |
2 files changed, 46 insertions, 3 deletions
diff --git a/modules/user/user.module b/modules/user/user.module index 4a636dad1..7682f2522 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -1149,8 +1149,6 @@ function user_account_form(&$form, &$form_state) { * @see user_account_form() */ function user_validate_current_pass(&$form, &$form_state) { - global $user; - $account = $form['#user']; foreach ($form_state['values']['current_pass_required_values'] as $key => $name) { // This validation only works for required textfields (like mail) or @@ -1158,7 +1156,7 @@ function user_validate_current_pass(&$form, &$form_state) { // that prevent them from being empty if they are changed. if ((strlen(trim($form_state['values'][$key])) > 0) && ($form_state['values'][$key] != $account->$key)) { require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc'); - $current_pass_failed = empty($form_state['values']['current_pass']) || !user_check_password($form_state['values']['current_pass'], $user); + $current_pass_failed = empty($form_state['values']['current_pass']) || !user_check_password($form_state['values']['current_pass'], $account); if ($current_pass_failed) { form_set_error('current_pass', t("Your current password is missing or incorrect; it's required to change the %name.", array('%name' => $name))); form_set_error($key); diff --git a/modules/user/user.test b/modules/user/user.test index e66ab5e2c..a49a89b5c 100644 --- a/modules/user/user.test +++ b/modules/user/user.test @@ -2069,3 +2069,48 @@ class UserAuthmapAssignmentTestCase extends DrupalWebTestCase { } } } + +/** + * Tests user_validate_current_pass on a custom form. + */ +class UserValidateCurrentPassCustomForm extends DrupalWebTestCase { + + public static function getInfo() { + return array( + 'name' => 'User validate current pass custom form', + 'description' => 'Test that user_validate_current_pass is usable on a custom form.', + 'group' => 'User', + ); + } + + /** + * User with permission to view content. + */ + protected $accessUser; + + /** + * User permission to administer users. + */ + protected $adminUser; + + function setUp() { + parent::setUp('user_form_test'); + // Create two users + $this->accessUser = $this->drupalCreateUser(array('access content')); + $this->adminUser = $this->drupalCreateUser(array('administer users')); + } + + /** + * Tests that user_validate_current_pass can be reused on a custom form. + */ + function testUserValidateCurrentPassCustomForm() { + $this->drupalLogin($this->adminUser); + + // Submit the custom form with the admin user using the access user's password. + $edit = array(); + $edit['user_form_test_field'] = $this->accessUser->name; + $edit['current_pass'] = $this->accessUser->pass_raw; + $this->drupalPost('user_form_test_current_password/' . $this->accessUser->uid, $edit, t('Test')); + $this->assertText(t('The password has been validated and the form submitted successfully.')); + } +} |