Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The code that gathers the password policies in password_policy_password_element_alter overwrites the previous fetched ones.
I have two password policies and I noticed that only the first digit policy (out of total two password policies) was displayed.
The problem is that the array is merged with keys here:
foreach ($policies as $policy) {
$items = $items + $policy->messages();
}
Instead of just keep adding to an array independent on keys like this:
foreach ($policies as $policy) {
$items[] = $policy->messages();
}
Comment | File | Size | Author |
---|---|---|---|
#8 | password_policy-7.x-2.x-display_all_constraint_messages_for_all_policies-2688137-8.patch | 867 bytes | AohRveTPV |
| |||
#5 | password-policy-isse.png | 89.79 KB | harivenuv |
#2 | addtoarray-2688137-1.patch | 491 bytes | pontus_nilsson |
| |||
passwordpolicies_array.png | 7.7 KB | pontus_nilsson |
Comments
Comment #2
pontus_nilssonPatch added.
Comment #3
pontus_nilssonComment #4
pontus_nilssonComment #5
harivenuvhi pontus_nilsson,
Thank you for report this issue. I have applied your patch but still issue here. I have attach a screenshot.
Comment #6
bmsomega CreditAttribution: bmsomega as a volunteer commentedWouldn't recommend using the dev version of this module. There is a recommended Drupa 7 version now that doesn't implement password_policy_password_element_alter. Instead, password validation is handled by password_policy_password_validate
Comment #7
bmsomega CreditAttribution: bmsomega as a volunteer commentedWouldn't recommend using the dev version of this module. There is a recommended Drupal 7 version now that doesn't implement password_policy_password_element_alter. Instead, password validation is handled by password_policy_password_validate
Comment #8
AohRveTPV CreditAttribution: AohRveTPV commentedThank you, pontus_nilsson, for the bug report and patch.
As harivenuv found, #2 does not work. #2 is adding an array to the end of an array, making an array of arrays. Instead what we need is a single array with all the messages as strings.
I made a new patch that uses
array_merge()
. Please review and test. I found this bug affects not just the static list of requirements, but also the dynamic list of unmet requirements that is displayed as the password is entered.Ideally, the same constraints from multiple policies would be collapsed into one where possible. For instance, requiring 4 digits and requiring 3 digits could be collapsed to just requiring 4 digits. Doing that would add complexity to the code though; I think it's fine for now to display redundant constraints.
Comment #10
AohRveTPV CreditAttribution: AohRveTPV commentedWent ahead and committed #8 so it can get some testing through use. Should be OK since we're in alpha.
Please report if anything needs changing.