User: Add option to disallow set new password equal as current - refs BT#20083

main/auth/profile.php

@@ -343,6 +343,13 @@ if ($showPassword &&
     );
     //    user must enter identical password twice so we can prevent some user errors
     $form->addRule(['password1', 'password2'], get_lang('PassTwo'), 'compare');
+
+    $passwordRequirements = api_get_configuration_value('password_requirements');
+
+    if (!empty($passwordRequirements) && $passwordRequirements['force_different_password']) {
+        $form->addRule(['password0', 'password1'], get_lang('NewPasswordCannotBeSameAsCurrent'), 'compare', 'neq');
+    }
+
     $form->addPasswordRule('password1');
 }
 

main/inc/lib/security.lib.php

@@ -568,7 +568,7 @@ class Security
             $requirements = $passwordRequirements;
         }
 
-        return $requirements;
+        return ['min' => $requirements['min']];
     }
 
     /**

main/install/configuration.dist.php

@@ -343,7 +343,8 @@ $_configuration['system_stable'] = NEW_VERSION_STABLE;
         'numeric' => 2,
         'length' => 8,
         'specials' => 1,
-    ]
+    ],
+    'force_different_password' => false,
 ];*/
 // Customize course session tracking columns
 /*