'User form test for current password validation', 'page callback' => 'drupal_get_form', 'page arguments' => array('user_form_test_current_password',1), 'access arguments' => array('administer users'), 'type' => MENU_SUGGESTED_ITEM, ); return $items; } /** * A test form for user_validate_current_pass(). */ function user_form_test_current_password($form, &$form_state, $account) { $account->user_form_test_field = ''; $form['#user'] = $account; $form['user_form_test_field'] = array( '#type' => 'textfield', '#title' => t('Test field'), '#description' => t('A field that would require a correct password to change.'), '#required' => TRUE, ); $form['current_pass'] = array( '#type' => 'password', '#title' => t('Current password'), '#size' => 25, '#description' => t('Enter your current password'), ); $form['current_pass_required_values'] = array( '#type' => 'value', '#value' => array('user_form_test_field' => t('Test field')), ); $form['#validate'][] = 'user_validate_current_pass'; $form['submit'] = array( '#type' => 'submit', '#value' => t('Test'), ); return $form; } /** * Submit function for the test form for user_validate_current_pass(). */ function user_form_test_current_password_submit($form, &$form_state) { drupal_set_message(t('The password has been validated and the form submitted successfully.')); } /** * Implements hook_form_FORM_ID_alter(). */ function user_form_test_form_user_profile_form_alter(&$form, &$form_state) { if (variable_get('user_form_test_user_profile_form_rebuild', FALSE)) { $form['#submit'][] = 'user_form_test_user_account_submit'; } } /** * Submit function for user_profile_form(). */ function user_form_test_user_account_submit($form, &$form_state) { // Rebuild the form instead of letting the process end. This allows us to // test for bugs that can be triggered in contributed modules. $form_state['rebuild'] = TRUE; } /** * Implements hook_form_FORM_ID_alter(). */ function user_form_test_form_user_pass_reset_alter(&$form, &$form_state) { // An unaltered form has no form values; the uid/timestmap/"confirm" are in // the URL arguments. (If for some reason a form_alter method needs the // hash, it can be retrieved from $form['#action'].) if (!is_numeric(arg(2)) || !is_numeric(arg(3)) || !is_string(arg(4)) || arg(4) !== 'confirm') { throw new Exception("Something unexpected changed in the user_pass_reset form; we are not getting the UID/timestamp/'confirm' passed anymore."); } // Use the variable system to communicate to the test code, since we don't // share a session with it. variable_set('user_test_pass_reset_form_build_' . arg(2), TRUE); $form['#submit'][] = 'user_form_test_form_user_pass_reset_submit'; // We must cache the form to ensure the form builder (user_pass_reset()) is // skipped when processing the submitted form, otherwise we get redirected // already during form build. $form_state['cache'] = TRUE; } /** * Submit function for user_pass_reset(). */ function user_form_test_form_user_pass_reset_submit($form, &$form_state) { // On submit, the hash is in arg(4). if (!is_numeric(arg(2)) || !is_numeric(arg(3)) || !is_string(arg(4)) || strlen(arg(4)) < 32) { throw new Exception("Something unexpected changed in the user_pass_reset form; we are not getting the UID/timestamp/hash passed anymore."); } variable_set('user_test_pass_reset_form_submit_' . arg(2), TRUE); // Because the form does no further processing and has no redirect set, // drupal_redirect_form() will redirect back to ourselves // (user/reset/UID/TIMESTAMP/HASH/login); we will be logged in and redirected // while the form is built again. FYI: we cannot set $form_state['rebuild'] // to get around the first redirect without further hacks, because then the // form won't pass the hash. (Our original $form_state['build_info']['args'] // contains "confirm" for the 3rd argument.) }