Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
3.1.5, 3.2.2, 3.3
-
MOODLE_31_STABLE, MOODLE_32_STABLE, MOODLE_33_STABLE
-
MOODLE_31_STABLE, MOODLE_32_STABLE
-
MDL-58556-master -
Description
The code introduced in MDL-53044 has introduced a bug where a user is perpetually redirected to change their password. This appears to be due to the forcepasswordchange flag getting set in login/index.php when an LDAP password is expired.
index 45845cb..f40ee12 100644 (file)
|
--- a/login/index.php
|
+++ b/login/index.php
|
@@ -233,6 +233,7 @@ if ($frm and isset($frm->username)) { // Login WITH
|
echo $OUTPUT->footer();
|
exit;
|
} elseif (intval($days2expire) < 0 ) {
|
+ set_user_preference('auth_forcepasswordchange', 1, $USER);
|
echo $OUTPUT->header();
|
echo $OUTPUT->confirm(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo);
|
echo $OUTPUT->footer();
|
If a user updates their expired LDAP password (away from Moodle), there does not appear to be a corresponding unset of the forcepasswordchange flag when the password is no longer expired.
Attachments
Issue Links
- is a regression caused by
-
MDL-53044 Manual account auth users able to log in with expired password
-
- Closed
-