Form validation handler for the current password on the user account form.
AccountFormController::form()
function user_validate_current_pass(&$form, &$form_state) {
$account = $form_state['user'];
foreach ($form_state['values']['current_pass_required_values'] as $key => $name) {
// This validation only works for required textfields (like mail) or
// form values like password_confirm that have their own validation
// that prevent them from being empty if they are changed.
if (strlen(trim($form_state['values'][$key])) > 0 && $form_state['values'][$key] != $account->{$key}) {
$current_pass_failed = empty($form_state['values']['current_pass']) || !drupal_container()
->get('password')
->check($form_state['values']['current_pass'], $account);
if ($current_pass_failed) {
form_set_error('current_pass', t("Your current password is missing or incorrect; it's required to change the %name.", array(
'%name' => $name,
)));
form_set_error($key);
}
// We only need to check the password once.
break;
}
}
}