* @ingroup SpecialPage
*/
-/** Constructor */
-function wfSpecialResetpass( $par ) {
- $form = new PasswordResetForm();
- $form->execute( $par );
-}
-
/**
* Let users recover their password.
* @ingroup SpecialPage
*/
-class PasswordResetForm extends SpecialPage {
- function __construct( $name=null, $reset=null ) {
- if( $name !== null ) {
- $this->mName = $name;
- $this->mOldpass = $reset;
- } else {
- global $wgRequest;
- $this->mName = $wgRequest->getVal( 'wpName' );
- $this->mOldpass = $wgRequest->getVal( 'wpPassword' );
- }
+class PasswordReset extends SpecialPage {
+ public function __construct() {
+ parent::__construct( 'Resetpass' );
}
/**
function execute( $par ) {
global $wgUser, $wgAuth, $wgOut, $wgRequest;
+ $this->mUserName = $wgRequest->getVal( 'wpName' );
+ $this->mOldpass = $wgRequest->getVal( 'wpPassword' );
+ $this->mNewpass = $wgRequest->getVal( 'wpNewPassword' );
+ $this->mRetype = $wgRequest->getVal( 'wpRetype' );
+
+ $this->setHeaders();
+ $this->outputHeader();
+
if( !$wgAuth->allowPasswordChange() ) {
$this->error( wfMsg( 'resetpass_forbidden' ) );
return;
return;
}
- if( $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getVal( 'token' ) ) ) {
- $newpass = $wgRequest->getVal( 'wpNewPassword' );
- $retype = $wgRequest->getVal( 'wpRetype' );
+ if( $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getVal('token') ) ) {
try {
- $this->attemptReset( $newpass, $retype );
+ $this->attemptReset( $this->mNewpass, $this->mRetype );
$wgOut->addWikiMsg( 'resetpass_success' );
if( !$wgUser->isLoggedIn() ) {
$data = array(
- 'action' => 'submitlogin',
- 'wpName' => $this->mName,
- 'wpPassword' => $newpass,
- 'returnto' => $wgRequest->getVal( 'returnto' ),
+ 'action' => 'submitlogin',
+ 'wpName' => $this->mUserName,
+ 'wpPassword' => $this->mNewpass,
+ 'returnto' => $wgRequest->getVal( 'returnto' ),
);
if( $wgRequest->getCheck( 'wpRemember' ) ) {
$data['wpRemember'] = 1;
$wgOut->disallowUserJs();
$self = SpecialPage::getTitleFor( 'Resetpass' );
- if ( !$this->mName ) {
- $this->mName = $wgUser->getName();
+ if ( !$this->mUserName ) {
+ $this->mUserName = $wgUser->getName();
}
$rememberMe = '';
if ( !$wgUser->isLoggedIn() ) {
'action' => $self->getLocalUrl(),
'id' => 'mw-resetpass-form' ) ) .
Xml::hidden( 'token', $wgUser->editToken() ) .
- Xml::hidden( 'wpName', $this->mName ) .
+ Xml::hidden( 'wpName', $this->mUserName ) .
Xml::hidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) .
wfMsgExt( 'resetpass_text', array( 'parse' ) ) .
'<table>' .
$this->pretty( array(
- array( 'wpName', 'username', 'text', $this->mName ),
+ array( 'wpName', 'username', 'text', $this->mUserName ),
array( 'wpPassword', $oldpassMsg, 'password', $this->mOldpass ),
array( 'wpNewPassword', 'newpassword', 'password', '' ),
array( 'wpRetype', 'yourpasswordagain', 'password', '' ),
'</tr>' .
'</table>' .
Xml::closeElement( 'form' ) .
- Xml::closeElement( 'fieldset' ) );
+ Xml::closeElement( 'fieldset' )
+ );
}
function pretty( $fields ) {
/**
* @throws PasswordError when cannot set the new password because requirements not met.
*/
- function attemptReset( $newpass, $retype ) {
- $user = User::newFromName( $this->mName );
- if( $user->isAnon() ) {
+ protected function attemptReset( $newpass, $retype ) {
+ $user = User::newFromName( $this->mUserName );
+ if( !$user || $user->isAnon() ) {
throw new PasswordError( 'no such user' );
}
-
- if( !$user->checkTemporaryPassword( $this->mOldpass ) && !$user->checkPassword( $this->mOldpass ) ) {
- throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) );
- }
-
+
if( $newpass !== $retype ) {
+ wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'badretype' ) );
throw new PasswordError( wfMsg( 'badretype' ) );
}
- $user->setPassword( $newpass );
+ if( !$user->checkPassword( $this->mOldpass ) ) {
+ wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) );
+ throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) );
+ }
+
+ try {
+ $user->setPassword( $this->mNewpass );
+ wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'success' ) );
+ $this->mNewpass = $this->mOldpass = $this->mRetypePass = '';
+ } catch( PasswordError $e ) {
+ wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'error' ) );
+ $this->mainPrefsForm( 'error', $e->getMessage() );
+ return;
+ }
+
$user->setCookies();
$user->saveSettings();
}