diff --git a/core/includes/form.inc b/core/includes/form.inc
index de7bc39..1ce7b1d 100644
--- a/core/includes/form.inc
+++ b/core/includes/form.inc
@@ -1083,17 +1083,22 @@ function template_preprocess_radios(&$variables) {
function form_process_password_confirm($element) {
$element['pass1'] = array(
'#type' => 'password',
- '#title' => t('Password'),
+ '#title' => !empty($element['#title1']) ? $element['#title1'] : t('Password'),
'#value' => empty($element['#value']) ? NULL : $element['#value']['pass1'],
'#required' => $element['#required'],
'#attributes' => array('class' => array('password-field')),
);
$element['pass2'] = array(
'#type' => 'password',
- '#title' => t('Confirm password'),
+ '#title' => !empty($element['#title2']) ? $element['#title2'] : t('Confirm password'),
'#value' => empty($element['#value']) ? NULL : $element['#value']['pass2'],
'#required' => $element['#required'],
'#attributes' => array('class' => array('password-confirm')),
+ '#states' => array(
+ 'visible' => array(
+ ':input[name="pass[pass1]"]' => array('filled' => TRUE),
+ ),
+ ),
);
$element['#element_validate'] = array('password_confirm_validate');
$element['#tree'] = TRUE;
diff --git a/core/modules/user/src/AccountForm.php b/core/modules/user/src/AccountForm.php
index f4f718b..44b2270 100644
--- a/core/modules/user/src/AccountForm.php
+++ b/core/modules/user/src/AccountForm.php
@@ -115,8 +115,11 @@ public function form(array $form, array &$form_state) {
if (!$register) {
$form['account']['pass'] = array(
'#type' => 'password_confirm',
+ '#prefix' => '
' . $this->t('Change password') . '
',
+ '#title1' => $this->t('New password'),
+ '#title2' => $this->t('New password confirmation'),
'#size' => 25,
- '#description' => $this->t('To change the current user password, enter the new password in both fields.'),
+ '#description' => $this->t('To change the current user password enter the new password.'),
);
// To skip the current password field, the user must have logged in via a
@@ -130,9 +133,9 @@ public function form(array $form, array &$form_state) {
// password if they logged in via a one-time login link.
if (!$pass_reset) {
$protected_values['mail'] = $form['account']['mail']['#title'];
- $protected_values['pass'] = $this->t('Password');
+ $protected_values['pass'] = $this->t('New password');
$request_new = l($this->t('Request new password'), 'user/password', array('attributes' => array('title' => $this->t('Request new password via email.'))));
- $current_pass_description = $this->t('Required if you want to change the %mail or %pass below. !request_new.', array('%mail' => $protected_values['mail'], '%pass' => $protected_values['pass'], '!request_new' => $request_new));
+ $current_pass_description = $this->t('Confirm your current password to change the %mail or %pass above. !request_new.', array('%mail' => $protected_values['mail'], '%pass' => $protected_values['pass'], '!request_new' => $request_new));
}
// The user must enter their current password to change to a new one.
@@ -148,11 +151,17 @@ public function form(array $form, array &$form_state) {
'#size' => 25,
'#access' => !empty($protected_values),
'#description' => $current_pass_description,
- '#weight' => -5,
// Do not let web browsers remember this password, since we are
// trying to confirm that the person submitting the form actually
// knows the current one.
'#attributes' => array('autocomplete' => 'off'),
+ '#states' => array(
+ // Only show this field when mail or new password has changed.
+ 'visible' => array(
+ array(':input[name="mail"]' => array('!value' => $account->getEmail())),
+ array(':input[name="pass[pass1]"]' => array('filled' => TRUE)),
+ ),
+ ),
);
$form_state['user'] = $account;
diff --git a/core/modules/user/src/Tests/UserEditTest.php b/core/modules/user/src/Tests/UserEditTest.php
index 68747a1..c0de9f1 100644
--- a/core/modules/user/src/Tests/UserEditTest.php
+++ b/core/modules/user/src/Tests/UserEditTest.php
@@ -47,7 +47,7 @@ function testUserEdit() {
$edit = array();
$edit['mail'] = $this->randomName() . '@new.example.com';
$this->drupalPostForm("user/" . $user1->id() . "/edit", $edit, t('Save'));
- $this->assertRaw(t("Your current password is missing or incorrect; it's required to change the %name.", array('%name' => t('Email address'))));
+ $this->assertRaw(t("Your current password is missing or incorrect; it's required to change the \"%name\" field.", array('%name' => t('Email address'))));
$edit['current_pass'] = $user1->pass_raw;
$this->drupalPostForm("user/" . $user1->id() . "/edit", $edit, t('Save'));
@@ -58,7 +58,7 @@ function testUserEdit() {
$edit['pass[pass1]'] = $new_pass = $this->randomName();
$edit['pass[pass2]'] = $new_pass;
$this->drupalPostForm("user/" . $user1->id() . "/edit", $edit, t('Save'));
- $this->assertRaw(t("Your current password is missing or incorrect; it's required to change the %name.", array('%name' => t('Password'))));
+ $this->assertRaw(t("Your current password is missing or incorrect; it's required to change the \"%name\" field.", array('%name' => t('New password'))));
// Try again with the current password.
$edit['current_pass'] = $user1->pass_raw;
diff --git a/core/modules/user/src/Tests/UserPasswordResetTest.php b/core/modules/user/src/Tests/UserPasswordResetTest.php
index 1045e2c..d3f89b9 100644
--- a/core/modules/user/src/Tests/UserPasswordResetTest.php
+++ b/core/modules/user/src/Tests/UserPasswordResetTest.php
@@ -85,7 +85,7 @@ function testUserPasswordReset() {
// Verify that the password reset session has been destroyed.
$this->drupalPostForm(NULL, $edit, t('Save'));
- $this->assertText(t('Your current password is missing or incorrect; it\'s required to change the Password.'), 'Password needed to make profile changes.');
+ $this->assertText(t('Your current password is missing or incorrect; it\'s required to change the "New password" field.'), 'Password needed to make profile changes.');
// Log out, and try to log in again using the same one-time link.
$this->drupalLogout();
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index cbb1b2d..db4882d 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -531,7 +531,7 @@ function user_validate_current_pass(&$form, &$form_state) {
if ((strlen(trim($form_state['values'][$key])) > 0) && ($form_state['values'][$key] != $current_value)) {
$current_pass_failed = empty($form_state['values']['current_pass']) || !\Drupal::service('password')->check($form_state['values']['current_pass'], $account);
if ($current_pass_failed) {
- form_set_error('current_pass', $form_state, t("Your current password is missing or incorrect; it's required to change the %name.", array('%name' => $name)));
+ form_set_error('current_pass', $form_state, t("Your current password is missing or incorrect; it's required to change the \"%name\" field.", array('%name' => $name)));
form_set_error($key, $form_state);
}
// We only need to check the password once.