In this function, it is supposed that drupal_build_form() can be called only once for user_profile_form. This is not true if user edit page is overridden by CTools Page Manager module which can call drupal_build_form() several times for the same form in order to check access rules, etc. This makes 'setting' element disappear from $element['#attached']['js'].

The proposed solution: add settings unconditionally (drop already_added check).

function user_form_process_password_confirm($element) {
  global $user;

  $js_settings = array(
    'password' => array(
      'strengthTitle' => t('Password strength:'),
      'hasWeaknesses' => t('To make your password stronger:'),
      'tooShort' => t('Make it at least 6 characters'),
      'addLowerCase' => t('Add lowercase letters'),
      'addUpperCase' => t('Add uppercase letters'),
      'addNumbers' => t('Add numbers'),
      'addPunctuation' => t('Add punctuation'),
      'sameAsUsername' => t('Make it different from your username'),
      'confirmSuccess' => t('yes'),
      'confirmFailure' => t('no'),
      'weak' => t('Weak'),
      'fair' => t('Fair'),
      'good' => t('Good'),
      'strong' => t('Strong'),
      'confirmTitle' => t('Passwords match:'),
      'username' => (isset($user->name) ? $user->name : ''),
    ),
  );

  $element['#attached']['js'][] = drupal_get_path('module', 'user') . '/user.js';
  // Ensure settings are only added once per page.
  static $already_added = FALSE;
  if (!$already_added) {
    $already_added = TRUE;
    $element['#attached']['js'][] = array('data' => $js_settings, 'type' => 'setting');
  }

  return $element;
}
CommentFileSizeAuthor
#2 remove_password_confirm_form_static-2156405-2.patch673 bytesmaximpodorov
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

andypost’s picture

andypost
he/him
Primary language Russian
CreditAttribution: andypost commented

Actually I see not reason in this static

maximpodorov’s picture

maximpodorov CreditAttribution: maximpodorov commented
Status: Active » Needs review
FileSize
remove_password_confirm_form_static-2156405-2.patch673 bytes

Here's the patch which fixes the problem.

jygastaud’s picture

jygastaud CreditAttribution: jygastaud commented

Issue #788166: (Tests needed) password_confirm element breaks if there is more than 1 on a page looks like the one which introduce that static.
Issue #1860910: Password strength indicator fails on multi-step forms is the D8 equivalent of that issue.

rudiedirkx’s picture

rudiedirkx CreditAttribution: rudiedirkx commented

This is the very big downside of the #attached magic. You don't know which will be actually attached. Sometimes 0 of 2, sometimes 1 of 2, sometimes 2 of 2.

Every #attached setting should have an id or uniqueness setting, so you can say this one must be attached only once. The static is not a good solution.

rudiedirkx’s picture

rudiedirkx CreditAttribution: rudiedirkx commented
Status: Needs review » Reviewed & tested by the community

This specific case doesn't even break without the static check... #2 fixes it perfectly, by removing the static check (added in #788166 5y ago).

David_Rothstein’s picture

David_Rothstein CreditAttribution: David_Rothstein as a volunteer commented
Status: Reviewed & tested by the community » Fixed

Yup, this kind of code is no longer necessary since #208611: Add drupal_array_merge_deep() and drupal_array_merge_deep_array() to stop drupal_add_js() from adding settings twice took care of that problem a long time ago.

This issue probably should have been marked as a duplicate of #1860910: Password strength indicator fails on multi-step forms. However, it looks like it was already fixed in Drupal 8 elsewhere. I will close that issue, and am crediting Everett Zufelt in the commit here also (since he essentially wrote the exact same patch).

Committed to 7.x - thanks!

  • David_Rothstein committed dd3004f on 7.x 
    Issue #2156405 by Everett Zufelt, maximpodorov, rudiedirkx, jygastaud:...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.