From 869d547d33d58f2e7626f93952fa85f1e2fa2126 Mon Sep 17 00:00:00 2001 From: Alexandre Emsenhuber Date: Thu, 22 Aug 2013 19:37:23 +0200 Subject: [PATCH] Update Special:ChangePassword to use HTMLForm Makes the code shorter and easier to read. Change-Id: I2a3db995c2c560354376fccb48137996dd9432fd --- includes/specials/SpecialChangePassword.php | 291 +++++++++----------- includes/specials/SpecialUserlogin.php | 4 +- 2 files changed, 127 insertions(+), 168 deletions(-) diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php index 4b6299084b..d54828a1bf 100644 --- a/includes/specials/SpecialChangePassword.php +++ b/includes/specials/SpecialChangePassword.php @@ -26,210 +26,164 @@ * * @ingroup SpecialPage */ -class SpecialChangePassword extends UnlistedSpecialPage { +class SpecialChangePassword extends FormSpecialPage { - protected $mUserName, $mOldpass, $mNewpass, $mRetype, $mDomain; + protected $mUserName, $mDomain; public function __construct() { parent::__construct( 'ChangePassword', 'editmyprivateinfo' ); + $this->listed( false ); } /** * Main execution point */ function execute( $par ) { - global $wgAuth; - - $this->setHeaders(); - $this->outputHeader(); $this->getOutput()->disallowUserJs(); - $request = $this->getRequest(); + parent::execute( $par ); + } - if ( !$request->wasPosted() ) { + protected function checkExecutePermissions( User $user ) { + parent::checkExecutePermissions( $user ); + + if ( !$this->getRequest()->wasPosted() ) { $this->requireLogin( 'resetpass-no-info' ); } + } - $this->mUserName = trim( $request->getVal( 'wpName' ) ); - $this->mOldpass = $request->getVal( 'wpPassword' ); - $this->mNewpass = $request->getVal( 'wpNewPassword' ); - $this->mRetype = $request->getVal( 'wpRetype' ); - $this->mDomain = $request->getVal( 'wpDomain' ); + protected function getFormFields() { + global $wgCookieExpiration; $user = $this->getUser(); + $request = $this->getRequest(); - if ( $request->wasPosted() && $request->getBool( 'wpCancel' ) ) { - $titleObj = Title::newFromText( $request->getVal( 'returnto' ) ); - if ( !$titleObj instanceof Title ) { - $titleObj = Title::newMainPage(); - } - $query = $request->getVal( 'returntoquery' ); - $this->getOutput()->redirect( $titleObj->getFullURL( $query ) ); + $oldpassMsg = $user->isLoggedIn() ? 'oldpassword' : 'resetpass-temp-password'; + + $fields = array( + 'Name' => array( + 'type' => 'info', + 'label-message' => 'username', + 'default' => $request->getVal( 'wpName', $user->getName() ), + ), + 'Password' => array( + 'type' => 'password', + 'label-message' => $oldpassMsg, + ), + 'NewPassword' => array( + 'type' => 'password', + 'label-message' => 'newpassword', + ), + 'Retype' => array( + 'type' => 'password', + 'label-message' => 'retypenew', + ), + ); - return; + $extraFields = array(); + wfRunHooks( 'ChangePasswordForm', array( &$extraFields ) ); + foreach ( $extraFields as $extra ) { + list( $name, $label, $type, $default ) = $extra; + $fields[$name] = array( + 'type' => $type, + 'name' => $name, + 'label-message' => $label, + 'default' => $default, + ); } - $this->checkReadOnly(); - $this->checkPermissions(); - - if ( $request->wasPosted() && $user->matchEditToken( $request->getVal( 'token' ) ) ) { - try { - $this->mDomain = $wgAuth->getDomain(); - if ( !$wgAuth->allowPasswordChange() ) { - $this->error( $this->msg( 'resetpass_forbidden' )->text() ); - - return; - } - - $this->attemptReset( $this->mNewpass, $this->mRetype ); - - if ( $user->isLoggedIn() ) { - $this->getOutput()->wrapWikiMsg( - "
\n$1\n
", - 'changepassword-success' - ); - $this->getOutput()->returnToMain(); - } else { - LoginForm::setLoginToken(); - $token = LoginForm::getLoginToken(); - $data = array( - 'action' => 'submitlogin', - 'wpName' => $this->mUserName, - 'wpDomain' => $this->mDomain, - 'wpLoginToken' => $token, - 'wpPassword' => $request->getVal( 'wpNewPassword' ), - ) + $request->getValues( 'wpRemember', 'returnto', 'returntoquery' ); - $login = new LoginForm( new DerivativeRequest( $request, $data, true ) ); - $login->setContext( $this->getContext() ); - $login->execute( null ); - } - - return; - } catch ( PasswordError $e ) { - $this->error( $e->getMessage() ); - } + if ( !$user->isLoggedIn() ) { + $fields['Remember'] = array( + 'type' => 'check', + 'label' => $this->msg( 'remembermypassword' ) + ->numParams( ceil( $wgCookieExpiration / ( 3600 * 24 ) ) ) + ->text(), + 'default' => $request->getVal( 'wpRemember' ), + ); } - $this->showForm(); + + return $fields; } - /** - * @param $msg string - */ - function error( $msg ) { - $this->getOutput()->addHTML( Xml::element( 'p', array( 'class' => 'error' ), $msg ) ); + protected function alterForm( HTMLForm $form ) { + $form->setId( 'mw-resetpass-form' ); + $form->setTableId( 'mw-resetpass-table' ); + $form->setWrapperLegendMsg( 'resetpass_header' ); + $form->setSubmitTextMsg( + $this->getUser()->isLoggedIn() + ? 'resetpass-submit-loggedin' + : 'resetpass_submit' + ); + $form->addButton( 'wpCancel', $this->msg( 'resetpass-submit-cancel' )->text() ); + $form->setHeaderText( $this->msg( 'resetpass_text' )->parseAsBlock() ); + $form->addHiddenFields( + $this->getRequest()->getValues( 'wpName', 'wpDomain', 'returnto', 'returntoquery' ) ); } - function showForm() { - global $wgCookieExpiration; + public function onSubmit( array $data ) { + global $wgAuth; - $user = $this->getUser(); - if ( !$this->mUserName ) { - $this->mUserName = $user->getName(); - } - $rememberMe = ''; - if ( !$user->isLoggedIn() ) { - $rememberMe = '' . - '' . - '' . - Xml::checkLabel( - $this->msg( 'remembermypassword' )->numParams( ceil( $wgCookieExpiration / ( 3600 * 24 ) ) )->text(), - 'wpRemember', 'wpRemember', - $this->getRequest()->getCheck( 'wpRemember' ) ) . - '' . - ''; - $submitMsg = 'resetpass_submit'; - $oldpassMsg = 'resetpass-temp-password'; - } else { - $oldpassMsg = 'oldpassword'; - $submitMsg = 'resetpass-submit-loggedin'; - } - $extraFields = array(); - wfRunHooks( 'ChangePasswordForm', array( &$extraFields ) ); - $prettyFields = array( - array( 'wpName', 'username', 'text', $this->mUserName ), - array( 'wpPassword', $oldpassMsg, 'password', $this->mOldpass ), - array( 'wpNewPassword', 'newpassword', 'password', null ), - array( 'wpRetype', 'retypenew', 'password', null ), - ); - $prettyFields = array_merge( $prettyFields, $extraFields ); - $hiddenFields = array( - 'token' => $user->getEditToken(), - 'wpName' => $this->mUserName, - 'wpDomain' => $this->mDomain, - ) + $this->getRequest()->getValues( 'returnto', 'returntoquery' ); - $hiddenFieldsStr = ''; - foreach ( $hiddenFields as $fieldname => $fieldvalue ) { - $hiddenFieldsStr .= Html::hidden( $fieldname, $fieldvalue ) . "\n"; + $request = $this->getRequest(); + + if ( $request->getCheck( 'wpLoginToken' ) ) { + // This comes from Special:Userlogin when logging in with a temporary password + return false; } - $this->getOutput()->addHTML( - Xml::fieldset( $this->msg( 'resetpass_header' )->text() ) . - Xml::openElement( 'form', - array( - 'method' => 'post', - 'action' => $this->getPageTitle()->getLocalURL(), - 'id' => 'mw-resetpass-form' ) ) . "\n" . - $hiddenFieldsStr . - $this->msg( 'resetpass_text' )->parseAsBlock() . "\n" . - Xml::openElement( 'table', array( 'id' => 'mw-resetpass-table' ) ) . "\n" . - $this->pretty( $prettyFields ) . "\n" . - $rememberMe . - "\n" . - "\n" . - '' . - Xml::submitButton( $this->msg( $submitMsg )->text() ) . - Xml::submitButton( $this->msg( 'resetpass-submit-cancel' )->text(), array( 'name' => 'wpCancel' ) ) . - "\n" . - "\n" . - Xml::closeElement( 'table' ) . - Xml::closeElement( 'form' ) . - Xml::closeElement( 'fieldset' ) . "\n" - ); - } - /** - * @param $fields array - * @return string - */ - function pretty( $fields ) { - $out = ''; - foreach ( $fields as $list ) { - list( $name, $label, $type, $value ) = $list; - if ( $type == 'text' ) { - $field = htmlspecialchars( $value ); - } else { - $attribs = array( 'id' => $name ); - if ( $name == 'wpNewPassword' || $name == 'wpRetype' ) { - $attribs = array_merge( $attribs, - User::passwordChangeInputAttribs() ); - } - if ( $name == 'wpPassword' ) { - $attribs[] = 'autofocus'; - } - $field = Html::input( $name, $value, $type, $attribs ); + if ( $request->getCheck( 'wpCancel' ) ) { + $titleObj = Title::newFromText( $request->getVal( 'returnto' ) ); + if ( !$titleObj instanceof Title ) { + $titleObj = Title::newMainPage(); } - $out .= "\n"; - $out .= "\t"; + $query = $request->getVal( 'returntoquery' ); + $this->getOutput()->redirect( $titleObj->getFullURL( $query ) ); + return true; + } - if ( $type != 'text' ) { - $out .= Xml::label( $this->msg( $label )->text(), $name ); - } else { - $out .= $this->msg( $label )->escaped(); + try { + $this->mUserName = $request->getVal( 'wpName', $this->getUser()->getName() ); + $this->mDomain = $wgAuth->getDomain(); + + if ( !$wgAuth->allowPasswordChange() ) { + throw new ErrorPageError( 'changepassword', 'resetpass_forbidden' ); } - $out .= "\n"; - $out .= "\t"; - $out .= $field; - $out .= "\n"; - $out .= ""; + $this->attemptReset( $data['Password'], $data['NewPassword'], $data['Retype'] ); + + return true; + } catch ( PasswordError $e ) { + return $e->getMessage(); } + } - return $out; + public function onSuccess() { + if ( $this->getUser()->isLoggedIn() ) { + $this->getOutput()->wrapWikiMsg( + "
\n$1\n
", + 'changepassword-success' + ); + $this->getOutput()->returnToMain(); + } else { + $request = $this->getRequest(); + LoginForm::setLoginToken(); + $token = LoginForm::getLoginToken(); + $data = array( + 'action' => 'submitlogin', + 'wpName' => $this->mUserName, + 'wpDomain' => $this->mDomain, + 'wpLoginToken' => $token, + 'wpPassword' => $request->getVal( 'wpNewPassword' ), + ) + $request->getValues( 'wpRemember', 'returnto', 'returntoquery' ); + $login = new LoginForm( new DerivativeRequest( $request, $data, true ) ); + $login->setContext( $this->getContext() ); + $login->execute( null ); + } } /** * @throws PasswordError when cannot set the new password because requirements not met. */ - protected function attemptReset( $newpass, $retype ) { + protected function attemptReset( $oldpass, $newpass, $retype ) { global $wgPasswordAttemptThrottle; $isSelf = ( $this->mUserName === $this->getUser()->getName() ); @@ -258,12 +212,12 @@ class SpecialChangePassword extends UnlistedSpecialPage { } $abortMsg = 'resetpass-abort-generic'; - if ( !wfRunHooks( 'AbortChangePassword', array( $user, $this->mOldpass, $newpass, &$abortMsg ) ) ) { + if ( !wfRunHooks( 'AbortChangePassword', array( $user, $oldpass, $newpass, &$abortMsg ) ) ) { wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'abortreset' ) ); throw new PasswordError( $this->msg( $abortMsg )->text() ); } - if ( !$user->checkTemporaryPassword( $this->mOldpass ) && !$user->checkPassword( $this->mOldpass ) ) { + if ( !$user->checkTemporaryPassword( $oldpass ) && !$user->checkPassword( $oldpass ) ) { wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) ); throw new PasswordError( $this->msg( 'resetpass-wrong-oldpass' )->text() ); } @@ -274,9 +228,8 @@ class SpecialChangePassword extends UnlistedSpecialPage { } try { - $user->setPassword( $this->mNewpass ); + $user->setPassword( $newpass ); wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'success' ) ); - $this->mNewpass = $this->mOldpass = $this->mRetype = ''; } catch ( PasswordError $e ) { wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'error' ) ); throw new PasswordError( $e->getMessage() ); @@ -291,6 +244,10 @@ class SpecialChangePassword extends UnlistedSpecialPage { $user->saveSettings(); } + public function requiresUnblock() { + return false; + } + protected function getGroupName() { return 'users'; } diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index 3a6401491a..661960ba13 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -856,7 +856,9 @@ class LoginForm extends SpecialPage { function resetLoginForm( $error ) { $this->getOutput()->addHTML( Xml::element( 'p', array( 'class' => 'error' ), $error ) ); $reset = new SpecialChangePassword(); - $reset->setContext( $this->getContext() ); + $derivative = new DerivativeContext( $this->getContext() ); + $derivative->setTitle( $reset->getTitle() ); + $reset->setContext( $derivative ); $reset->execute( null ); } -- 2.20.1