--- /home/emre/pr5_original/password_reset/password_reset.module	2007-11-27 09:14:12.000000000 -0800
+++ /home/emre/pr5_mine/password_reset/password_reset.module	2008-03-28 10:05:51.000000000 -0700
@@ -13,6 +13,15 @@
  *   - Implement flood control.
  *
  * @author Karthik Kumar ( http://drupal.org/user/21209 )
+ *
+ * The module is modified so that the administor can choose the password reset method  
+ * from the two possible options: 1- Use secret questions previously set by the administrator
+ * 2- Use user custom questions.
+ * The number of user custom questions to be used in the second case is set by the administrator
+ * to a number from 1 to 5.
+ * 
+ * --modified by Arif Emre Yarimbiyik (2/12/2008)
+ *
  */
 
 /**
@@ -20,23 +29,70 @@
  */
 function password_reset_menu($may_cache) {
   global $user;
-
   $items = array();
 
-  if ($may_cache) {
+  if (!$may_cache) {
+    // Override the default password recovery page rather having to perform
+    // a string of form_alters and try overriding all the validation code
+    // of the standard form which require the presence of e-mail form fields and
+    // user fields.
+    if (variable_get('admin_preset_questions',TRUE)){
+      $items[] = array(
+        'path' => 'user/password',
+        'title' => t('Reset password'),
+        'callback' => 'drupal_get_form',
+        'callback arguments' => array('password_reset_form'),
+        'access' => !$user->uid,
+        'type' => MENU_LOCAL_TASK
+      );  
+    }
+    else{
+      $items[] = array(
+        'path' => 'user/password',
+        'title' => t('Reset password'),
+        'callback' => 'drupal_get_form',
+        'callback arguments' => array('password_reset_customq_form'),
+        'access' => !$user->uid,
+        'type' => MENU_LOCAL_TASK
+      );
+    }
+  }
+  else{
+    $items[] = array(
+      'path' => 'admin/user/password_reset/select_method',
+      'title' => t('Select method'),
+      'description' => t('Select method for password reset. Preset admin questions or custom user questions.'),
+      'callback' => 'drupal_get_form',
+      'callback arguments' => array('password_reset_admin_select_method'),
+      'access' => user_access('administer site configuration'),
+      'type' => MENU_DEFAULT_LOCAL_TASK,
+      'weight' => 0 
+    );
     $items[] = array(
       'path' => 'admin/user/password_reset',
       'title' => t('Password reset'),
-      'description' => t('Configure security questions for the password_reset module.'),
-      'callback' => 'password_reset_admin_questions',
+      'description' => t('Configure security questions and method for the password_reset module.'),
+      'callback' => 'drupal_get_form',
+      'callback arguments' => array('password_reset_admin_select_method'), 
       'access' => user_access('administer site configuration')
     );
     $items[] = array(
+      'path' => 'admin/user/password_reset/number_of_custom',
+      'title' => t('Number of custom questions'),
+      'description' => t('Set the number of custom user security questions to be used.'),
+      'callback' => 'drupal_get_form',
+      'callback arguments' => array('password_reset_admin_customq_number'), 
+      'access' => user_access('administer site configuration'),
+      'type' => MENU_LOCAL_TASK,
+      'weight' => 6  
+    );
+    $items[] = array(
       'path' => 'admin/user/password_reset/list',
       'title' => t('List'),
       'callback' => 'password_reset_admin_questions',
       'access' => user_access('administer site configuration'),
-      'type' => MENU_DEFAULT_LOCAL_TASK
+      'type' => MENU_LOCAL_TASK,
+      'weight' => 2  
     );
     $items[] = array(
       'path' => 'admin/user/password_reset/add',
@@ -45,7 +101,7 @@
       'callback arguments' => array('password_reset_admin_edit'),
       'access' => user_access('administer site configuration'),
       'type' => MENU_LOCAL_TASK,
-      'weight' => 1
+      'weight' => 4
     );
     $items[] = array(
       'path' => 'admin/user/password_reset/edit',
@@ -64,20 +120,6 @@
       'type' => MENU_CALLBACK
     );
   }
-  else {
-    // Override the default password recovery page rather having to perform
-    // a string of form_alters and try overriding all the validation code
-    // of the standard form which require the presence of e-mail form fields and
-    // user fields.
-    $items[] = array(
-      'path' => 'user/password',
-      'title' => t('Reset password'),
-      'callback' => 'drupal_get_form',
-      'callback arguments' => array('password_reset_form'),
-      'access' => !$user->uid,
-      'type' => MENU_LOCAL_TASK
-    );
-  }
 
   return $items;
 }
@@ -86,7 +128,7 @@
  * Menu callback: A multi-step form to validate and reset the password for a
  * user.
  */
-function password_reset_form($form_values = NULL) {
+function password_reset_form ($form_values = NULL) {
   $form = array();
 
   if (!isset($form_values)) {
@@ -113,9 +155,9 @@
       $uid = password_reset_uid_get($form_values['username']);
       if ($question = password_reset_user_question_get($uid)) {
         $form['username'] = array('#type' => 'hidden', '#value' => $form_values['username']);
-        $form['question'] = array('#value' => t('<strong>Security question:</strong> %question', array('%question' => $question->question)));
+        $form['question'] = array('#value' => t('<strong>Security question:</strong> %question', array('%question' => $question->question)));   
         $form['answer'] = array(
-          '#type' => 'textfield',
+          '#type' => 'password',
           '#title' => t('Answer'),
           '#description' => t('Enter the answer to the above question.'),
           '#required' => TRUE,
@@ -150,7 +192,7 @@
 /**
  * Validate password_reset_form submissions.
  */
-function password_reset_form_validate($form_id, $form_values) {
+function password_reset_form_validate ($form_id, $form_values) {
   switch ($form_values['step']) {
     case 1:
       $uid = password_reset_uid_get($form_values['username']);
@@ -169,80 +211,332 @@
 }
 
 /**
- * Implementation of hook_form_alter.
+ * Menu callback: A multi-step form to validate and reset the password for a
+ * user.
  */
-function password_reset_form_alter($form_id, &$form) {
-  switch ($form_id) {
-    case 'user_pass':
-      $form['name']['#title'] = t('Username');
-      $form['submit']['#value'] = t('Next');
-      break;
-    case 'user_edit':
-      // Fall through.
-    case 'user_register':
-      $form['password_reset'] = array(
-        '#type' => 'fieldset',
-        '#title' => t('Security question'),
-        '#description' => t('To reset your password in case you have forgotten it, or for other administrative tasks, a security question will be asked to verify your identity.'),
-        '#tree' => TRUE,
-        '#collapsible' => TRUE
-      );
-      $form['password_reset']['question'] = array(
-        '#type' => 'select',
-        '#title' => t('Question'),
-        '#description' => t('Choose the question that you would like asked.'),
-        '#options' => password_reset_questions_get(),
-        '#required' => TRUE
-      );
-      $form['password_reset']['answer'] = array(
+function password_reset_customq_form ($form_values = NULL) {
+  $form = array();                  
+  if (!isset($form_values)) {
+    $step = 1;
+  }
+  else {
+    $step = $form_values['step'] + 1;
+    // Forward essential values from step 1 to subsequent steps.
+    $form['operation'] = array('#type' => 'value', '#value' => $form_values['operation']);
+  }
+  $form['step'] = array('#type' => 'hidden', '#value' => $step);
+
+  switch ($step) {
+    case 1:
+      $form['username'] = array(
         '#type' => 'textfield',
-        '#title' => t('Answer'),
-        '#description' => t('Type the answer to the question you have chosen.'),
-        '#maxlength' => 255,
+        '#title' => t('Username'),
+        '#description' => t('Enter the username you use on this site.'),
         '#required' => TRUE
       );
+      $form['operation'] = array('#type' => 'submit', '#value' => t('Next'));
+      break;
+    case 2:
+      $uid = password_reset_uid_get($form_values['username']);
+      $qnumber = variable_get('qnum',1);
+      if ($qa = password_reset_customq_user_question_get($uid)){                            
+        for($pid=1;$pid<=$qnumber;$pid++){  
+          $form['username'] = array('#type' => 'hidden', '#value' => $form_values['username']);
+          $form['question'.$pid] = array(
+            '#value' => t('<strong>Security question # %num :</strong> %question',
+            array('%num' => $pid, '%question' => $qa[$pid]->question)));
+          $form['answer'.$pid] = array(
+            '#type' => 'password',
+            '#title' => t('Answer '.$pid),
+            '#description' => t('Enter the answer to the above question.'),
+            '#required' => TRUE,
+          );
+        } 
 
-      // Set defaults only if this is the edit form.
-      if ($form_id == 'user_edit') {
-        $uid = arg(1);
-        $question = password_reset_user_question_get($uid);
-        $form['password_reset']['question']['#default_value'] = $question->qid;
-        $form['password_reset']['answer']['#default_value'] = $question->answer;
+        $form['operation'] = array(
+          '#type' => 'submit',
+          '#value' => t('Next'),
+          '#weight' => 8
+        );
       }
       break;
+    case 3:
+      // This step should technically be handled in the submit stage of step 2.
+      // However, redirecting the user to the one-time login link was not
+      // working correctly, requiring the user to manually refresh the page.
+
+      // Use userload here as user_pass_reset_url requires the user object.
+      $account = user_load(array('name' => $form_values['username'], 'status' => 1));
+      $reset_url = user_pass_reset_url($account);
+      $form['content'] = array('#value' => t('A one-time login link has been created. <a href="!reset-url">Click here</a> to reset your password.', array('!reset-url' => $reset_url)));
+      break;
   }
+
+  $form['#multistep'] = TRUE;
+  $form['#redirect'] = FALSE;
+
+  return $form;
+
 }
 
 /**
- * Implementation of hook_user().
+ * Retrieve question(s) and answer(s) specific to a user.
  */
-function password_reset_user($op, &$edit, &$account, $category = NULL) {
-  switch ($op) {
-    case 'update':
-      $qid = $edit['password_reset']['question'];
-      $answer = trim($edit['password_reset']['answer']);
-      unset($edit['password_reset']);
-      // MySQL-only query.
-      db_query("REPLACE INTO {password_reset_users} (uid, qid, answer) VALUES (%d, %d, '%s')", $account->uid, $qid, $answer);
-      break;
-    case 'insert':
-      $qid = $edit['password_reset']['question'];
-      $answer = trim($edit['password_reset']['answer']);
-      unset($edit['password_reset']);
-      db_query("INSERT INTO {password_reset_users} (uid, qid, answer) VALUES (%d, %d, '%s')", $account->uid, $qid, $answer);
+function password_reset_customq_user_question_get ($uid) { 
+   $result = db_query("SELECT * FROM {password_reset_customq} u WHERE u.uid=%d ORDER BY u.pid ASC",$uid);   
+   $i=1; 
+     while($qwe = db_fetch_object($result)){                     
+       $question[$i]=$qwe;  
+       $i++;  
+     }
+
+     return $question ? $question : FALSE;
+}
+
+/**
+ * Retrieve the uid of a user based on the username. This avoids expensive
+ * user_load calls and / or JOINs on each step.
+ */
+function password_reset_uid_get ($username) {
+  $uid = db_result(db_query("SELECT u.uid FROM {users} u WHERE u.status = 1 AND LOWER(u.name) = '%s'", trim(strtolower($username))));
+  return $uid;
+}
+
+/**
+ * Validate password_reset_customq_form submissions.
+ */
+function password_reset_customq_form_validate ($form_id, $form_values) {
+  switch ($form_values['step']) {
+    case 1:
+      $uid = password_reset_uid_get($form_values['username']);
+      if (!$uid) {
+        form_set_error('username', t('Username not found. Please check and try again.'));
+      }
       break;
-    case 'delete':
-      db_query('DELETE FROM {password_reset_users} WHERE uid = %d', $account->uid);
+    case 2:
+      $uid = password_reset_uid_get($form_values['username']);
+      $question = password_reset_customq_user_question_get($uid);   			                                     
+      $qnumber = variable_get('qnum',1);
+      $error = FALSE;
+      for($pid=1;$pid<=$qnumber;$pid++){                                            
+        if ( !$question ||  trim(strtolower($question[$pid]->answer)) != trim(strtolower($form_values['answer'.$pid]))) {
+            $error = TRUE;
+        }
+      }
+      if ($error)  form_set_error('answer', t('At least one answer is incorrect. Please check and try again.')); 
       break;
   }
 }
 
 /**
+ * Implementation of hook_form_alter.
+ */
+function password_reset_form_alter ($form_id, &$form) {
+  if (variable_get('admin_preset_questions',TRUE)) {
+    switch ($form_id) {
+      case 'user_pass':
+        $form['name']['#title'] = t('Username');
+        $form['submit']['#value'] = t('Next');
+        break;
+      case 'user_edit':
+        $form['password_reset'] = array(
+          '#type' => 'fieldset',
+          '#title' => t('Security question'),
+          '#description' => t('To reset your password in case you have forgotten it, or for other administrative tasks, a security question will be asked to verify your identity.'),
+          '#tree' => TRUE,
+          '#collapsible' => TRUE
+        );
+        $form['password_reset']['question'] = array(
+          '#type' => 'select',
+          '#title' => t('Question'),
+          '#description' => t('Choose the question that you would like asked.'),
+          '#options' => password_reset_questions_get(),
+          '#required' => TRUE
+        );
+        $form['password_reset']['answer'] = array(
+          '#type' => 'password',
+          '#title' => t('Answer'),
+          '#description' => t('Type the answer to the question you have chosen.'),
+          '#maxlength' => 255,
+        );
+
+        // Set defaults only if this is the edit form.
+          $uid = arg(1);
+          $question = password_reset_user_question_get($uid);
+          $form['password_reset']['question']['#default_value'] = $question->qid;
+          $form['password_reset']['answer']['#default_value'] = $question->answer;
+          break;
+
+      case 'user_register':
+        $form['password_reset'] = array(
+          '#type' => 'fieldset',
+          '#title' => t('Security question'),
+          '#description' => t('To reset your password in case you have forgotten it, or for other administrative tasks, a security question will be asked to verify your identity.'),
+          '#tree' => TRUE,
+          '#collapsible' => TRUE
+        );
+        $form['password_reset']['question'] = array(
+          '#type' => 'select',
+          '#title' => t('Question'),
+          '#description' => t('Choose the question that you would like asked.'),
+          '#options' => password_reset_questions_get(),
+          '#required' => TRUE
+        );
+        $form['password_reset']['answer'] = array(
+          '#type' => 'textfield',
+          '#title' => t('Answer'),
+          '#description' => t('Type the answer to the question you have chosen.'),
+          '#maxlength' => 255,
+          '#required' => TRUE
+        );
+        break;
+    }
+  }
+  else{  
+    $qnumber = variable_get('qnum',1);
+    switch ($form_id) {
+        case 'user_pass':
+          $form['name']['#title'] = t('Username');
+          $form['submit']['#value'] = t('Next');
+          break;
+        case 'user_edit':
+          $form['password_reset_customq'] = array(
+            '#type' => 'fieldset',
+            '#title' => t('Security question'),
+            '#description' => t('To reset your password in case you have forgotten it, or for other administrative tasks, %quesnum security question(s) will be asked to verify your identity.',array('%quesnum' => $qnumber)),
+            '#tree' => TRUE,
+            '#collapsible' => TRUE
+          );
+
+          for($pid=1; $pid<=$qnumber; $pid++){   
+            $form['password_reset_customq']['ques-'.$pid] = array(
+              '#type' => 'textfield', 
+              '#title' => t('Question '.$pid),
+              '#description' => t('Enter your secret question #'.$pid),
+              '#maxlength' => 255,
+              '#required' => TRUE
+            );
+            $form['password_reset_customq']['ans-'.$pid] = array(
+              '#type' => 'password',
+              '#title' => t('Answer '.$pid),
+              '#description' => t('Type the answer of the secret question #'.$pid),
+              '#maxlength' => 255,
+            );          
+          }        
+          //Set defaults.
+            $uid = arg(1);
+            $question = array();  
+            $question = password_reset_customq_user_question_get($uid);        
+            for($pid=1; $pid<=$qnumber; $pid++) {             
+              $form['password_reset_customq']['ques-'.$pid]['#default_value'] = $question[$pid]->question;
+              $form['password_reset_customq']['ans-'.$pid]['#default_value'] = $question[$pid]->answer;            
+            }
+           
+          break;
+        case 'user_register':
+          $form['password_reset_customq'] = array(
+            '#type' => 'fieldset',
+            '#title' => t('Security question'),
+            '#description' => t('To reset your password in case you have forgotten it, or for other administrative tasks, %quesnum security question(s) will be asked to verify your identity.',array('%quesnum' => $qnumber)),
+            '#tree' => TRUE,
+            '#collapsible' => TRUE
+          );
+
+          for($pid=1; $pid<=$qnumber; $pid++){   
+            $form['password_reset_customq']['ques-'.$pid] = array(
+              '#type' => 'textfield', 
+              '#title' => t('Question '.$pid),
+              '#description' => t('Enter your secret question #'.$pid),
+              '#maxlength' => 255,
+              '#required' => TRUE
+            );
+            $form['password_reset_customq']['ans-'.$pid] = array(
+              '#type' => 'textfield',
+              '#title' => t('Answer '.$pid),
+              '#description' => t('Type the answer of the secret question #'.$pid),
+              '#maxlength' => 255,
+              '#required' => TRUE
+            );          
+          }         
+          break;
+    }  
+
+  }
+
+}
+
+/**
+ * Implementation of hook_user().
+ */
+function password_reset_user  ($op, &$edit, &$account, $category = NULL) { 
+  if (variable_get('admin_preset_questions',TRUE)) {
+    switch ($op) {                
+      case 'update':
+        unset($answer);    
+          $qid = $edit['password_reset']['question'];
+        if ( $edit['password_reset']['answer'] != '')                                   
+          $answer = trim($edit['password_reset']['answer']);
+        unset($edit['password_reset']);
+        // MySQL-only query.
+        if ( $answer != '')  
+          db_query("REPLACE INTO {password_reset_users} (uid, qid, answer) VALUES (%d, %d, '%s')", $account->uid, $qid, $answer);        
+        break;
+      case 'insert':                                     
+        $qid = $edit['password_reset']['question'];
+        $answer = trim($edit['password_reset']['answer']);
+        unset($edit['password_reset']);
+        db_query("INSERT INTO {password_reset_users} (uid, qid, answer) VALUES (%d, %d, '%s')", $account->uid, $qid, $answer);
+        break;
+      case 'delete':                    
+        db_query('DELETE FROM {password_reset_users} WHERE uid = %d', $account->uid);
+        break;
+    }
+  }
+  else {                                       
+    $qnumber = variable_get('qnum',1);
+
+    switch ($op) {
+      case 'update': 
+        $empty_field_count = 0;  
+
+        for($pid=1; $pid<=$qnumber; $pid++) {  
+          if ( ($edit['password_reset_customq']['ans-'.$pid] == '') || ($edit['password_reset_customq']['ques-'.$pid] == '') )
+            $empty_field_count++;      
+        }
+
+        if ($empty_field_count == 0){ 
+          db_query("DELETE FROM {password_reset_customq} WHERE uid = %d",$account->uid);  
+          for($pid=1; $pid<=$qnumber; $pid++) {  
+            $ques = trim($edit['password_reset_customq']['ques-'.$pid]);
+            $ans = trim($edit['password_reset_customq']['ans-'.$pid]);  
+            // MySQL-only query.  
+            db_query("INSERT INTO {password_reset_customq} (uid,question,answer) VALUES  (%d,'%s','%s')", $account->uid, $ques, $ans);    
+          }
+        }          
+   
+        unset($edit['password_reset_customq']);         
+        break;
+      case 'insert':      
+        for($pid=1; $pid<=$qnumber; $pid++) {                
+            $ques = trim($edit['password_reset_customq']['ques-'.$pid]);
+            $ans = trim($edit['password_reset_customq']['ans-'.$pid]);  
+            db_query("INSERT INTO {password_reset_customq} (uid,question,answer) VALUES (%d,'%s','%s')", $account->uid, $ques, $ans);
+        } 
+        unset($edit['password_reset_customq']);
+        break; 
+      case 'delete':
+        db_query('DELETE FROM {password_reset_customq} WHERE uid = %d', $account->uid);
+        break;
+    }
+  }
+
+}
+
+/**
  * Menu callback: List the security questions.
  */
-function password_reset_admin_questions() {
+function password_reset_admin_questions () {
   $result = db_query('SELECT pr.qid, pr.question, COUNT(pru.qid) as total FROM {password_reset} pr LEFT JOIN {password_reset_users} pru ON (pr.qid = pru.qid) GROUP BY pr.qid ORDER BY question');
-
   $rows = array();
   while ($question = db_fetch_object($result)) {
     $rows[] = array($question->question, $question->total, l(t('Edit'), 'admin/user/password_reset/edit/'. $question->qid), l(t('Delete'), 'admin/user/password_reset/delete/'. $question->qid));
@@ -260,7 +554,7 @@
 /**
  * Menu callback: Question edit page.
  */
-function password_reset_admin_edit($qid = NULL) {
+function password_reset_admin_edit ($qid = NULL) {
   $form['question'] = array(
     '#type' => 'textfield',
     '#title' => t('Security question'),
@@ -285,9 +579,9 @@
 /**
  * Process the password_reset question edit page form submission.
  */
-function password_reset_admin_edit_submit($form_id, $form_values) {
+function password_reset_admin_edit_submit ($form_id, $form_values) {
   if (arg(3) == 'add') {
-    db_query("INSERT INTO {password_reset} (question) VALUES ('%s')", $form_values['question']);
+    db_query("INSERT INTO {password_reset} (question) VALUES ('%s')", $form_values['question']);    
     drupal_set_message(t('Security question %question has been added.', array('%question' => $form_values['question'])));
     watchdog('security', t('password_reset form: question %question added.', array('%question' => $form_values['question'])), WATCHDOG_NOTICE, l(t('view'), 'admin/user/password_reset'));
   }
@@ -303,7 +597,7 @@
 /**
  * Menu callback: Question delete page.
  */
-function password_reset_admin_delete($qid = NULL) {
+function password_reset_admin_delete ($qid = NULL) {
   if ($info = db_fetch_object(db_query("SELECT * FROM {password_reset} WHERE qid = %d", $qid))) {
     $form['question'] = array('#type' => 'value', '#value' => $info->question);
     $form['qid'] = array('#type' => 'value', '#value' => $info->qid);
@@ -319,7 +613,7 @@
 /**
  * Process question delete form submission.
  */
-function password_reset_admin_delete_submit($form_id, $form_values) {
+function password_reset_admin_delete_submit ($form_id, $form_values) {
   db_query("DELETE FROM {password_reset} WHERE qid = %d", $form_values['qid']);
   drupal_set_message(t('Security question %question has been deleted.', array('%question' => $form_values['question'])));
   watchdog('security', t('password_reset form: Security question %question deleted.', array('%question' => $form_values['question'])), WATCHDOG_NOTICE);
@@ -330,9 +624,8 @@
 /**
  * Retrieve all available questions.
  */
-function password_reset_questions_get() {
+function password_reset_questions_get () {
   $result = db_query('SELECT pr.qid, pr.question FROM {password_reset} pr ORDER BY question');
-
   $questions = array();
   while ($question = db_fetch_object($result)) {
     $questions[$question->qid] = $question->question;
@@ -344,18 +637,86 @@
 /**
  * Retrieve question and answer specific to a user.
  */
-function password_reset_user_question_get($uid) {
+function password_reset_user_question_get ($uid) {
   $result = db_query('SELECT pr.qid, pr.question, pru.answer FROM {password_reset_users} pru INNER JOIN {password_reset} pr ON (pru.qid = pr.qid) WHERE pru.uid = %d', $uid);
 
   return $result ? db_fetch_object($result) : FALSE;
 }
 
 /**
- * Retrieve the uid of a user based on the username. This avoids expensive
- * user_load calls and / or JOINs on each step.
+ * Returns the form that will be used by the administrator to choose from the two secret question methods.
  */
-function password_reset_uid_get($username) {
-  $uid = db_result(db_query("SELECT u.uid FROM {users} u WHERE u.status = 1 AND LOWER(u.name) = '%s'", trim(strtolower($username))));
+function password_reset_admin_select_method () {
+  $options = array(
+    'admin_preset' => t('User will choose from the secret questions provided by the admin.'),
+    'custom_user' => t('User will insert his/her own secret questions.'),
+  );
 
-  return $uid;
+  $form['method'] = array(
+        '#title' => t('Secret question selection method'),
+        '#type' => 'radios', 
+        '#description' => t('Choose the method for secret question selection regarding password reset.'),
+        '#options' => $options,
+        '#default_value' =>  variable_get('qmethod', 'admin_preset'),  
+  );
+
+  $form['submit'] = array('#type' => 'submit', '#value' => t('Submit'));
+
+  return $form;
+} 
+
+/**
+ * Process the password_reset secret question method select page form submission.
+ */
+function password_reset_admin_select_method_submit ($form, &$form_values) {
+   if ( $form_values['method'] == 'admin_preset') {
+     variable_set('admin_preset_questions', TRUE);  
+     variable_set('qmethod', 'admin_preset');
+     drupal_set_message(t('Admin preset questions selected.'));
+     watchdog('security', t('password_reset form: ADMIN PRESET QUESTION selected as the method by the admin.'), WATCHDOG_NOTICE, l(t('view'), 'admin/user/password_reset'));
+   }
+   else if ($form_values['method'] == 'custom_user' ) {
+     variable_set('admin_preset_questions', FALSE);
+     variable_set('qmethod', 'custom_user'); 
+     drupal_set_message(t('User custom questions selected.')); 
+     watchdog('security', t('password_reset form: USER CUSTOM QUESTION(S) selected as the method by the admin.'), WATCHDOG_NOTICE, l(t('view'), 'admin/user/password_reset'));
+   }
+   else  drupal_set_message(t("Error in method selection"));       
+   drupal_goto($path = 'admin/user/password_reset');
+     
+   return 0; 
 }
+
+/**
+ * Returns the form that will be used by the administrator to choose the number of user custom secret questions.
+ */
+function password_reset_admin_customq_number () {
+  $options = array(
+    1 => t('1'), 2 => t('2'), 3 => t('3'), 4 => t('4'), 5 => t('5'),
+  );
+  $form['qnumber'] = array(
+        '#title' => t('Number of custom user secret questions'),
+        '#type' => 'select', 
+        '#description' => 'Choose the number of secret questions that the user will insert and he/she will be asked in case of a password reset.',     
+        '#options' => $options,
+        '#default_value' =>  variable_get('qnum', '1'),  
+  );
+  
+  $form['submit'] = array('#type' => 'submit', '#value' => t('Submit'));
+
+  return $form;
+}
+
+/**
+ * Process the password_reset number of user custom secret questions form submission.
+ */
+function password_reset_admin_customq_number_submit ($form, &$form_values) {
+   variable_set('qnum',$form_values['qnumber']); 
+   drupal_set_message($form_values['qnumber'] .t(' user custom question(s) for the password reset process chosen.')); 
+   watchdog('security', t('password_reset form: %custom_qnumber user custom question(s) selected.', array('%custom_qnumber' => $form_values['qnumber'])), WATCHDOG_NOTICE, l(t('view'), 'admin/user/password_reset'));
+   drupal_goto($path = 'admin/user/password_reset/number_of_custom');   
+
+   return 0; 
+}
+
+  
