}
$this->attemptReset( $this->mNewpass, $this->mRetype );
- $this->getOutput()->addWikiMsg( 'resetpass_success' );
- if( !$user->isLoggedIn() ) {
+
+ if( $user->isLoggedIn() ) {
+ $this->doReturnTo();
+ } else {
LoginForm::setLoginToken();
$token = LoginForm::getLoginToken();
$data = array(
'wpName' => $this->mUserName,
'wpDomain' => $this->mDomain,
'wpLoginToken' => $token,
- 'wpPassword' => $this->mNewpass,
+ 'wpPassword' => $request->getVal( 'wpNewPassword' ),
'returnto' => $request->getVal( 'returnto' ),
);
if( $request->getCheck( 'wpRemember' ) ) {
$login->setContext( $this->getContext() );
$login->execute( null );
}
- $this->doReturnTo();
+ return;
} catch( PasswordError $e ) {
$this->error( $e->getMessage() );
}
* @throws PasswordError when cannot set the new password because requirements not met.
*/
protected function attemptReset( $newpass, $retype ) {
- $user = User::newFromName( $this->mUserName );
+ $isSelf = ( $this->mUserName === $this->getUser()->getName() );
+ if ( $isSelf ) {
+ $user = $this->getUser();
+ } else {
+ $user = User::newFromName( $this->mUserName );
+ }
+
if( !$user || $user->isAnon() ) {
throw new PasswordError( $this->msg( 'nosuchusershort', $this->mUserName )->text() );
}
throw new PasswordError( $e->getMessage() );
}
- $user->setCookies();
+ if ( $isSelf ) {
+ // This is needed to keep the user connected since
+ // changing the password also modifies the user's token.
+ $user->setCookies();
+ }
+
$user->saveSettings();
}
}