Merge "Fix "UTPage" creation in tests"
[lhc/web/wiklou.git] / includes / specials / SpecialChangePassword.php
index 47f5b1e..91d0404 100644 (file)
@@ -107,6 +107,17 @@ class SpecialChangePassword extends FormSpecialPage {
                        ),
                );
 
+               if ( !$this->getUser()->isLoggedIn() ) {
+                       if ( !LoginForm::getLoginToken() ) {
+                               LoginForm::setLoginToken();
+                       }
+                       $fields['LoginOnChangeToken'] = array(
+                               'type' => 'hidden',
+                               'label' => 'Change Password Token',
+                               'default' => LoginForm::getLoginToken(),
+                       );
+               }
+
                $extraFields = array();
                wfRunHooks( 'ChangePasswordForm', array( &$extraFields ) );
                foreach ( $extraFields as $extra ) {
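Review bot: The new hidden field carries a raw English `'label' => 'Change Password Token'` while the rest of the form is built from message keys via `$this->msg()`, so this string bypasses i18n. Since a `'type' => 'hidden'` field is not expected to render a label, the simplest fix is to drop the `'label'` entry; if a label is genuinely needed, use `'label-message'` with a proper message key (`'label-message' => 'MESSAGE-KEY-PLACEHOLDER'`). The surrounding getFormFields method starts before this hunk, so I cannot confirm whether a logged-in user's token is covered elsewhere; a one-line comment above the `if`, `// Anonymous password changes have no edit token, so carry the login token instead (bug 62497)`, would tie this field to the check that consumes it.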
@@ -141,7 +152,7 @@ class SpecialChangePassword extends FormSpecialPage {
                                ? 'resetpass-submit-loggedin'
                                : 'resetpass_submit'
                );
-               $form->addButton( 'wpCancel',  $this->msg( 'resetpass-submit-cancel' )->text() );
+               $form->addButton( 'wpCancel', $this->msg( 'resetpass-submit-cancel' )->text() );
                $form->setHeaderText( $this->msg( 'resetpass_text' )->parseAsBlock() );
                if ( $this->mPreTextMessage instanceof Message ) {
                        $form->addPreText( $this->mPreTextMessage->parseAsBlock() );
@@ -160,6 +171,14 @@ class SpecialChangePassword extends FormSpecialPage {
                        return false;
                }
 
+               if ( !$this->getUser()->isLoggedIn()
+                       && $request->getVal( 'wpLoginOnChangeToken' ) !== LoginForm::getLoginToken()
+               ) {
+                       // Potential CSRF (bug 62497)
+                       return false;
+               }
+
+
                if ( $request->getCheck( 'wpCancel' ) ) {
                        $titleObj = Title::newFromText( $request->getVal( 'returnto' ) );
                        if ( !$titleObj instanceof Title ) {
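Review bot: The CSRF guard compares the submitted value directly against `LoginForm::getLoginToken()` with `!==` and never requires the session token itself to be present, so its correctness rests on getLoginToken() returning something that can never equal the request value when no token was set; that is not visible from here and is fragile if a future change makes both sides an empty string. Fetch the token once and reject explicitly when it is missing: `$token = LoginForm::getLoginToken();` then `if ( !$this->getUser()->isLoggedIn() && ( !$token || $request->getVal( 'wpLoginOnChangeToken' ) !== $token ) ) {`. If the project's minimum PHP version provides `hash_equals()`, prefer it over `!==` for the comparison so the token check is constant-time. The guard also fails silently with a bare `return false`, which leaves the user with no indication the session expired; and the doubled blank line after the closing brace should be collapsed to one. The enclosing onSubmit starts before this hunk.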
@@ -167,6 +186,7 @@ class SpecialChangePassword extends FormSpecialPage {
                        }
                        $query = $request->getVal( 'returntoquery' );
                        $this->getOutput()->redirect( $titleObj->getFullURL( $query ) );
+
                        return true;
                }