On one of my sites, I would like to require the user enter his current password if the user wants to change his 'phone number' profile field. I tried to simply add the field to the array of 'current_pass_required_values' in the user account form, and this kinda works, but not well.
A PHP notice is thrown because the profile field is stored in the $account as an array, not as a simple string value. When user_validate_current_pass is run, it expects all the required fields to have the format $account->$key.
Offending line (user.module, user_validate_current_pass()):
if ((strlen(trim($form_state['values'][$key])) > 0) && ($form_state['values'][$key] != $account->$key)) {
Luckily for me, PHP simply converts the array to a string... but I don't like having to rely on that. Plus the notices in the log are annoying.
It would be awesome (and helpful for a lot of sites, I think) if it were simple and easy to add the user's current password requirement to arbitrary fields in the user account form.
(Another, sort-of unrelated issue is that the 'description' text of the 'current password' field is not flexible. Even though I've added a field to the required array, it is not added as one of the fields listed in the description. Only 'email address' and 'password' are included. Might have to do with: #973772: Hard to translate: "Enter your current password to change the %mail or %pass." → ).
Postponed: needs info
9.5
Last updated
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.