X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=includes%2Fspecials%2FSpecialChangePassword.php;h=4f7ba25dcbe6620eaaee9655f94548df0644ddcd;hb=6e9b4f0e9ce4ccd6089c18b205065ef7fa077484;hp=8656798915dfa291068e2395431d15d349af95c6;hpb=7954e8b37238581482e4cc89bf559aebdd43ac09;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php
index 8656798915..4f7ba25dcb 100644
--- a/includes/specials/SpecialChangePassword.php
+++ b/includes/specials/SpecialChangePassword.php
@@ -90,58 +90,55 @@ class SpecialChangePassword extends FormSpecialPage {
 			$oldpassMsg = $user->isLoggedIn() ? 'oldpassword' : 'resetpass-temp-password';
 		}
 
-		$fields = array(
-			'Name' => array(
+		$fields = [
+			'Name' => [
 				'type' => 'info',
 				'label-message' => 'username',
 				'default' => $request->getVal( 'wpName', $user->getName() ),
-			),
-			'Password' => array(
+			],
+			'Password' => [
 				'type' => 'password',
 				'label-message' => $oldpassMsg,
-			),
-			'NewPassword' => array(
+			],
+			'NewPassword' => [
 				'type' => 'password',
 				'label-message' => 'newpassword',
-			),
-			'Retype' => array(
+			],
+			'Retype' => [
 				'type' => 'password',
 				'label-message' => 'retypenew',
-			),
-		);
+			],
+		];
 
 		if ( !$this->getUser()->isLoggedIn() ) {
-			if ( !LoginForm::getLoginToken() ) {
-				LoginForm::setLoginToken();
-			}
-			$fields['LoginOnChangeToken'] = array(
+			$fields['LoginOnChangeToken'] = [
 				'type' => 'hidden',
 				'label' => 'Change Password Token',
-				'default' => LoginForm::getLoginToken(),
-			);
+				'default' => LoginForm::getLoginToken()->toString(),
+			];
 		}
 
-		$extraFields = array();
-		Hooks::run( 'ChangePasswordForm', array( &$extraFields ) );
+		$extraFields = [];
+		Hooks::run( 'ChangePasswordForm', [ &$extraFields ] );
 		foreach ( $extraFields as $extra ) {
 			list( $name, $label, $type, $default ) = $extra;
-			$fields[$name] = array(
+			$fields[$name] = [
 				'type' => $type,
 				'name' => $name,
 				'label-message' => $label,
 				'default' => $default,
-			);
+			];
 		}
 
 		if ( !$user->isLoggedIn() ) {
-			$fields['Remember'] = array(
+			$fields['Remember'] = [
 				'type' => 'check',
 				'label' => $this->msg( 'remembermypassword' )
 						->numParams(
 							ceil( $this->getConfig()->get( 'CookieExpiration' ) / ( 3600 * 24 ) )
 						)->text(),
 				'default' => $request->getVal( 'wpRemember' ),
-			);
+			];
 		}
 
 		return $fields;
@@ -156,10 +153,10 @@ class SpecialChangePassword extends FormSpecialPage {
 				? 'resetpass-submit-loggedin'
 				: 'resetpass_submit'
 		);
-		$form->addButton( array(
+		$form->addButton( [
 			'name' => 'wpCancel',
 			'value' => $this->msg( 'resetpass-submit-cancel' )->text()
-		) );
+		] );
 		$form->setHeaderText( $this->msg( 'resetpass_text' )->parseAsBlock() );
 		if ( $this->mPreTextMessage instanceof Message ) {
 			$form->addPreText( $this->mPreTextMessage->parseAsBlock() );
@@ -179,7 +176,7 @@ class SpecialChangePassword extends FormSpecialPage {
 		}
 
 		if ( !$this->getUser()->isLoggedIn()
-			&& $request->getVal( 'wpLoginOnChangeToken' ) !== LoginForm::getLoginToken()
+			&& !LoginForm::getLoginToken()->match( $request->getVal( 'wpLoginOnChangeToken' ) )
 		) {
 			// Potential CSRF (bug 62497)
 			return false;
@@ -218,15 +215,15 @@ class SpecialChangePassword extends FormSpecialPage {
 			$this->getOutput()->returnToMain();
 		} else {
 			$request = $this->getRequest();
-			LoginForm::setLoginToken();
-			$token = LoginForm::getLoginToken();
-			$data = array(
+			LoginForm::clearLoginToken();
+			$token = LoginForm::getLoginToken()->toString();
+			$data = [
 				'action' => 'submitlogin',
 				'wpName' => $this->mUserName,
 				'wpDomain' => $this->mDomain,
 				'wpLoginToken' => $token,
 				'wpPassword' => $request->getVal( 'wpNewPassword' ),
-			) + $request->getValues( 'wpRemember', 'returnto', 'returntoquery' );
+			] + $request->getValues( 'wpRemember', 'returnto', 'returntoquery' );
 			$login = new LoginForm( new DerivativeRequest( $request, $data, true ) );
 			$login->setContext( $this->getContext() );
 			$login->execute( null );
@@ -256,7 +253,7 @@ class SpecialChangePassword extends FormSpecialPage {
 		}
 
 		if ( $newpass !== $retype ) {
-			Hooks::run( 'PrefsPasswordAudit', array( $user, $newpass, 'badretype' ) );
+			Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'badretype' ] );
 			return Status::newFatal( $this->msg( 'badretype' ) );
 		}
 
@@ -271,7 +268,7 @@ class SpecialChangePassword extends FormSpecialPage {
 
 		// @todo Make these separate messages, since the message is written for both cases
 		if ( !$user->checkTemporaryPassword( $oldpass ) && !$user->checkPassword( $oldpass ) ) {
-			Hooks::run( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) );
+			Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'wrongpassword' ] );
 			return Status::newFatal( $this->msg( 'resetpass-wrong-oldpass' ) );
 		}
 
@@ -283,8 +280,8 @@ class SpecialChangePassword extends FormSpecialPage {
 		// Do AbortChangePassword after checking mOldpass, so we don't leak information
 		// by possibly aborting a new password before verifying the old password.
 		$abortMsg = 'resetpass-abort-generic';
-		if ( !Hooks::run( 'AbortChangePassword', array( $user, $oldpass, $newpass, &$abortMsg ) ) ) {
-			Hooks::run( 'PrefsPasswordAudit', array( $user, $newpass, 'abortreset' ) );
+		if ( !Hooks::run( 'AbortChangePassword', [ $user, $oldpass, $newpass, &$abortMsg ] ) ) {
+			Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'abortreset' ] );
 			return Status::newFatal( $this->msg( $abortMsg ) );
 		}
 
@@ -295,9 +292,9 @@ class SpecialChangePassword extends FormSpecialPage {
 
 		try {
 			$user->setPassword( $newpass );
-			Hooks::run( 'PrefsPasswordAudit', array( $user, $newpass, 'success' ) );
+			Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'success' ] );
 		} catch ( PasswordError $e ) {
-			Hooks::run( 'PrefsPasswordAudit', array( $user, $newpass, 'error' ) );
+			Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'error' ] );
 			return Status::newFatal( new RawMessage( $e->getMessage() ) );
 		}
 
@@ -334,12 +331,12 @@ class SpecialChangePassword extends FormSpecialPage {
 			);
 		}
 		// Give extensions a chance to force an expiration
-		Hooks::run( 'ResetPasswordExpiration', array( $this, &$newExpire ) );
+		Hooks::run( 'ResetPasswordExpiration', [ $this, &$newExpire ] );
 		$dbw = wfGetDB( DB_MASTER );
 		$dbw->update(
 			'user',
-			array( 'user_password_expires' => $dbw->timestampOrNull( $newExpire ) ),
-			array( 'user_id' => $user->getID() ),
+			[ 'user_password_expires' => $dbw->timestampOrNull( $newExpire ) ],
+			[ 'user_id' => $user->getID() ],
 			__METHOD__
 		);
 	}