From bceb3c7d1acbc7f0ad78cbd84f3ae3caca571bd8 Mon Sep 17 00:00:00 2001 From: Alex Z Date: Sat, 22 Nov 2008 05:03:14 +0000 Subject: [PATCH] Move password resetting out of Special:Preferences, adapt Special:ResetPass to do the job, add Special:ChangePassword as an alias. --- RELEASE-NOTES | 2 + includes/SpecialPage.php | 3 +- includes/specials/SpecialPreferences.php | 53 +---------- includes/specials/SpecialResetpass.php | 114 +++++++++++++---------- includes/specials/SpecialUserlogin.php | 2 +- languages/messages/MessagesEn.php | 26 ++++-- maintenance/language/messages.inc | 5 + 7 files changed, 95 insertions(+), 110 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 29b274d454..8060eaa736 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -212,6 +212,8 @@ The following extensions are migrated into MediaWiki 1.14: * Add id="mw-user-domain-section" to tag in Userlogin.php template so that admins with a single domain can hide the domain section using CSS * Dropped old Paser_OldPP class. Only new parser with preprocessor is used. +* Moved password reset form from Special:Preferences to Special:ResetPass +* Added Special:ChangePassword as a special page alias for Special:ResetPass === Bug fixes in 1.14 === diff --git a/includes/SpecialPage.php b/includes/SpecialPage.php index a6afba45c0..731d2ef3d1 100644 --- a/includes/SpecialPage.php +++ b/includes/SpecialPage.php @@ -89,6 +89,8 @@ class SpecialPage 'CreateAccount' => array( 'SpecialRedirectToSpecial', 'CreateAccount', 'Userlogin', 'signup', array( 'uselang' ) ), 'Preferences' => array( 'SpecialPage', 'Preferences' ), 'Watchlist' => array( 'SpecialPage', 'Watchlist' ), + 'Resetpass' => array( 'SpecialPage', 'Resetpass' ), + 'Recentchanges' => 'SpecialRecentchanges', 'Upload' => array( 'SpecialPage', 'Upload' ), @@ -135,7 +137,6 @@ class SpecialPage 'Recentchangeslinked' => 'SpecialRecentchangeslinked', 'Movepage' => array( 'UnlistedSpecialPage', 'Movepage' ), 'Blockme' => array( 'UnlistedSpecialPage', 'Blockme' ), - 'Resetpass' => array( 'UnlistedSpecialPage', 'Resetpass' ), 'Booksources' => 'SpecialBookSources', 'Categories' => array( 'SpecialPage', 'Categories' ), 'Export' => array( 'SpecialPage', 'Export' ), diff --git a/includes/specials/SpecialPreferences.php b/includes/specials/SpecialPreferences.php index 36ddacd304..d82e56525b 100644 --- a/includes/specials/SpecialPreferences.php +++ b/includes/specials/SpecialPreferences.php @@ -21,7 +21,7 @@ function wfSpecialPreferences() { * @ingroup SpecialPage */ class PreferencesForm { - var $mQuickbar, $mOldpass, $mNewpass, $mRetypePass, $mStubs; + var $mQuickbar, $mStubs; var $mRows, $mCols, $mSkin, $mMath, $mDate, $mUserEmail, $mEmailFlag, $mNick; var $mUserLanguage, $mUserVariant; var $mSearch, $mRecent, $mRecentDays, $mHourDiff, $mSearchLines, $mSearchChars, $mAction; @@ -36,9 +36,6 @@ class PreferencesForm { global $wgContLang, $wgUser, $wgAllowRealName; $this->mQuickbar = $request->getVal( 'wpQuickbar' ); - $this->mOldpass = $request->getVal( 'wpOldpass' ); - $this->mNewpass = $request->getVal( 'wpNewpass' ); - $this->mRetypePass =$request->getVal( 'wpRetypePass' ); $this->mStubs = $request->getVal( 'wpStubs' ); $this->mRows = $request->getVal( 'wpRows' ); $this->mCols = $request->getVal( 'wpCols' ); @@ -212,30 +209,6 @@ class PreferencesForm { global $wgEmailAuthentication, $wgRCMaxAge; global $wgAuth, $wgEmailConfirmToEdit; - - if ( ($this->mNewpass !== '' || $this->mOldpass !== '' ) && $wgAuth->allowPasswordChange() ) { - if ( $this->mNewpass != $this->mRetypePass ) { - wfRunHooks( 'PrefsPasswordAudit', array( $wgUser, $this->mNewpass, 'badretype' ) ); - $this->mainPrefsForm( 'error', wfMsg( 'badretype' ) ); - return; - } - - if (!$wgUser->checkPassword( $this->mOldpass )) { - wfRunHooks( 'PrefsPasswordAudit', array( $wgUser, $this->mNewpass, 'wrongpassword' ) ); - $this->mainPrefsForm( 'error', wfMsg( 'wrongpassword' ) ); - return; - } - - try { - $wgUser->setPassword( $this->mNewpass ); - wfRunHooks( 'PrefsPasswordAudit', array( $wgUser, $this->mNewpass, 'success' ) ); - $this->mNewpass = $this->mOldpass = $this->mRetypePass = ''; - } catch( PasswordError $e ) { - wfRunHooks( 'PrefsPasswordAudit', array( $wgUser, $this->mNewpass, 'error' ) ); - $this->mainPrefsForm( 'error', $e->getMessage() ); - return; - } - } $wgUser->setRealName( $this->mRealName ); $oldOptions = $wgUser->mOptions; @@ -373,7 +346,6 @@ class PreferencesForm { function resetPrefs() { global $wgUser, $wgLang, $wgContLang, $wgContLanguageCode, $wgAllowRealName; - $this->mOldpass = $this->mNewpass = $this->mRetypePass = ''; $this->mUserEmail = $wgUser->getEmail(); $this->mUserEmailAuthenticationtimestamp = $wgUser->getEmailAuthenticationtimestamp(); $this->mRealName = ($wgAllowRealName) ? $wgUser->getRealName() : ''; @@ -755,28 +727,11 @@ class PreferencesForm { # Password if( $wgAuth->allowPasswordChange() ) { + $link = $wgUser->getSkin()->link( SpecialPage::getTitleFor( 'ResetPass' ), wfMsgHtml( 'prefs-resetpass' ), + array() , array('returnto' => SpecialPage::getTitleFor( 'Preferences') ) ); $wgOut->addHTML( $this->tableRow( Xml::element( 'h2', null, wfMsg( 'changepassword' ) ) ) . - $this->tableRow( - Xml::label( wfMsg( 'oldpassword' ), 'wpOldpass' ), - Xml::password( 'wpOldpass', 25, $this->mOldpass, array( 'id' => 'wpOldpass', 'autocomplete' => 'off' ) ) - ) . - $this->tableRow( - Xml::label( wfMsg( 'newpassword' ), 'wpNewpass' ), - Xml::password( 'wpNewpass', 25, $this->mNewpass, array( 'id' => 'wpNewpass', 'autocomplete' => 'off' ) ) - ) . - $this->tableRow( - Xml::label( wfMsg( 'retypenew' ), 'wpRetypePass' ), - Xml::password( 'wpRetypePass', 25, $this->mRetypePass, array( 'id' => 'wpRetypePass', 'autocomplete' => 'off' ) ) - ) - ); - if( $wgCookieExpiration > 0 ){ - $wgOut->addHTML( - $this->tableRow( $this->getToggle( "rememberpassword" ) ) - ); - } else { - $this->mUsedToggles['rememberpassword'] = true; - } + $this->tableRow( '' ) ); } # diff --git a/includes/specials/SpecialResetpass.php b/includes/specials/SpecialResetpass.php index aba0b004f2..b59a62ecc1 100644 --- a/includes/specials/SpecialResetpass.php +++ b/includes/specials/SpecialResetpass.php @@ -18,11 +18,11 @@ class PasswordResetForm extends SpecialPage { function __construct( $name=null, $reset=null ) { if( $name !== null ) { $this->mName = $name; - $this->mTemporaryPassword = $reset; + $this->mOldpass = $reset; } else { global $wgRequest; $this->mName = $wgRequest->getVal( 'wpName' ); - $this->mTemporaryPassword = $wgRequest->getVal( 'wpPassword' ); + $this->mOldpass = $wgRequest->getVal( 'wpPassword' ); } } @@ -37,8 +37,8 @@ class PasswordResetForm extends SpecialPage { return; } - if( $this->mName === null && !$wgRequest->wasPosted() ) { - $this->error( wfMsg( 'resetpass_missing' ) ); + if( !$wgRequest->wasPosted() && !$wgUser->isLoggedIn() ) { + $this->error( wfMsg( 'resetpass-no-info' ) ); return; } @@ -48,20 +48,24 @@ class PasswordResetForm extends SpecialPage { try { $this->attemptReset( $newpass, $retype ); $wgOut->addWikiMsg( 'resetpass_success' ); - - $data = array( - 'action' => 'submitlogin', - 'wpName' => $this->mName, - 'wpPassword' => $newpass, - 'returnto' => $wgRequest->getVal( 'returnto' ), - ); - if( $wgRequest->getCheck( 'wpRemember' ) ) { - $data['wpRemember'] = 1; + if( !$wgUser->isLoggedIn() ) { + $data = array( + 'action' => 'submitlogin', + 'wpName' => $this->mName, + 'wpPassword' => $newpass, + 'returnto' => $wgRequest->getVal( 'returnto' ), + ); + if( $wgRequest->getCheck( 'wpRemember' ) ) { + $data['wpRemember'] = 1; + } + $login = new LoginForm( new FauxRequest( $data, true ) ); + $login->execute(); } - $login = new LoginForm( new FauxRequest( $data, true ) ); - $login->execute(); - - return; + $titleObj = Title::newFromText( $wgRequest->getVal( 'returnto' ) ); + if ( !$titleObj instanceof Title ) { + $titleObj = Title::newMainPage(); + } + $wgOut->redirect( $titleObj->getFullURL() ); } catch( PasswordError $e ) { $this->error( $e->getMessage() ); } @@ -71,9 +75,7 @@ class PasswordResetForm extends SpecialPage { function error( $msg ) { global $wgOut; - $wgOut->addHTML( '
' . - htmlspecialchars( $msg ) . - '
' ); + $wgOut->addHTML( Xml::element('p', array( 'class' => 'error' ), $msg ) ); } function showForm() { @@ -82,44 +84,54 @@ class PasswordResetForm extends SpecialPage { $wgOut->disallowUserJs(); $self = SpecialPage::getTitleFor( 'Resetpass' ); - $form = - '
' . - wfOpenElement( 'form', + if ( !$this->mName ) { + $this->mName = $wgUser->getName(); + } + $rememberMe = ''; + if ( !$wgUser->isLoggedIn() ) { + $rememberMe = '' . + '' . + '' . + Xml::checkLabel( wfMsg( 'remembermypassword' ), + 'wpRemember', 'wpRemember', + $wgRequest->getCheck( 'wpRemember' ) ) . + '' . + ''; + $submitMsg = 'resetpass_submit'; + $oldpassMsg = 'resetpass-temp-password'; + } else { + $oldpassMsg = 'oldpassword'; + $submitMsg = 'resetpass-submit-loggedin'; + } + $wgOut->addHTML( + Xml::openElement( 'fieldset' ) . + Xml::element( 'legend', null, wfMsg( 'resetpass_header' ) ) . + Xml::openElement( 'form', array( 'method' => 'post', - 'action' => $self->getLocalUrl() ) ) . - '

' . wfMsgHtml( 'resetpass_header' ) . '

' . - '
' . + 'action' => $self->getLocalUrl(), + 'id' => 'mw-resetpass-form' ) ) . + Xml::hidden( 'token', $wgUser->editToken() ) . + Xml::hidden( 'wpName', $this->mName ) . + Xml::hidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) . wfMsgExt( 'resetpass_text', array( 'parse' ) ) . - '
' . '' . - wfHidden( 'token', $wgUser->editToken() ) . - wfHidden( 'wpName', $this->mName ) . - wfHidden( 'wpPassword', $this->mTemporaryPassword ) . - wfHidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) . $this->pretty( array( array( 'wpName', 'username', 'text', $this->mName ), + array( 'wpPassword', $oldpassMsg, 'password', $this->mOldpass ), array( 'wpNewPassword', 'newpassword', 'password', '' ), array( 'wpRetype', 'yourpasswordagain', 'password', '' ), ) ) . + $rememberMe . '' . '' . '' . - '' . - '' . - '' . - '' . '' . '
' . - Xml::checkLabel( wfMsg( 'remembermypassword' ), - 'wpRemember', 'wpRemember', - $wgRequest->getCheck( 'wpRemember' ) ) . - '
' . - wfSubmitButton( wfMsgHtml( 'resetpass_submit' ) ) . + wfSubmitButton( wfMsgHtml( $submitMsg ) ) . '
' . - wfCloseElement( 'form' ) . - '
'; - $wgOut->addHTML( $form ); + Xml::closeElement( 'form' ) . + Xml::closeElement( 'fieldset' ) ); } function pretty( $fields ) { @@ -127,16 +139,19 @@ class PasswordResetForm extends SpecialPage { foreach( $fields as $list ) { list( $name, $label, $type, $value ) = $list; if( $type == 'text' ) { - $field = '' . htmlspecialchars( $value ) . ''; + $field = htmlspecialchars( $value ); } else { $field = Xml::input( $name, 20, $value, array( 'id' => $name, 'type' => $type ) ); } $out .= ''; - $out .= ''; - $out .= Xml::label( wfMsg( $label ), $name ); + $out .= ""; + if ( $type != 'text' ) + $out .= Xml::label( wfMsg( $label ), $name ); + else + $out .= wfMsg( $label ); $out .= ''; - $out .= ''; + $out .= ""; $out .= $field; $out .= ''; $out .= ''; @@ -153,8 +168,8 @@ class PasswordResetForm extends SpecialPage { throw new PasswordError( 'no such user' ); } - if( !$user->checkTemporaryPassword( $this->mTemporaryPassword ) ) { - throw new PasswordError( wfMsg( 'resetpass_bad_temporary' ) ); + if( !$user->checkTemporaryPassword( $this->mOldpass ) && !$user->checkPassword( $this->mOldpass ) ) { + throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) ); } if( $newpass !== $retype ) { @@ -162,6 +177,7 @@ class PasswordResetForm extends SpecialPage { } $user->setPassword( $newpass ); + $user->setCookies(); $user->saveSettings(); } } diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index d77e5c7908..2ec5942d05 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -582,7 +582,7 @@ class LoginForm { function resetLoginForm( $error ) { global $wgOut; - $wgOut->addWikiText( "
$error
" ); + $wgOut->addHTML( Xml::element('p', array( 'class' => 'error' ), $error ) ); $reset = new PasswordResetForm( $this->mName, $this->mPassword ); $reset->execute( null ); } diff --git a/languages/messages/MessagesEn.php b/languages/messages/MessagesEn.php index 933f420aa7..e3a6ce16b4 100644 --- a/languages/messages/MessagesEn.php +++ b/languages/messages/MessagesEn.php @@ -439,7 +439,7 @@ $specialPageAliases = array( 'Listbots' => array( 'ListBots' ), 'Popularpages' => array( 'PopularPages' ), 'Search' => array( 'Search' ), - 'Resetpass' => array( 'ResetPass', 'ResetPassword' ), + 'Resetpass' => array( 'ResetPass', 'ResetPassword', 'ChangePassword' ), 'Withoutinterwiki' => array( 'WithoutInterwiki' ), 'MergeHistory' => array( 'MergeHistory' ), 'Filepath' => array( 'FilePath' ), @@ -1000,17 +1000,22 @@ Please wait before trying again.", * Nederlands|nl', # do not translate or duplicate this message to other languages # Password reset dialog -'resetpass' => 'Reset account password', -'resetpass_announce' => 'You logged in with a temporary e-mailed code. +'resetpass' => 'Change or reset account password', +'resetpass_announce' => 'You logged in with a temporary e-mailed code. To finish logging in, you must set a new password here:', -'resetpass_text' => '', # only translate this message to other languages if you have to change it -'resetpass_header' => 'Reset password', -'resetpass_submit' => 'Set password and log in', -'resetpass_success' => 'Your password has been changed successfully! Now logging you in...', -'resetpass_bad_temporary' => 'Invalid temporary password. +'resetpass_text' => '', # only translate this message to other languages if you have to change it +'resetpass_header' => 'Reset password', +'resetpass_submit' => 'Set password and log in', +'resetpass_success' => 'Your password has been changed successfully! Now logging you in...', +'resetpass_bad_temporary' => 'Invalid temporary password. You may have already successfully changed your password or requested a new temporary password.', -'resetpass_forbidden' => 'Passwords cannot be changed', -'resetpass_missing' => 'No form data.', +'resetpass_forbidden' => 'Passwords cannot be changed', +'resetpass_missing' => 'No form data.', +'resetpass-no-info' => 'You must be logged in to access this page directly.', +'resetpass-submit-loggedin' => 'Change password', +'resetpass-wrong-oldpass' => 'Invalid temporary or current password. +You may have already successfully changed your password or requested a new temporary password.', +'resetpass-temp-password' => 'Temporary password:', # Edit page toolbar 'bold_sample' => 'Bold text', @@ -1543,6 +1548,7 @@ please see math/README to configure.', 'prefs-watchlist-edits' => 'Maximum number of changes to show in expanded watchlist:', 'prefs-watchlist-edits-max' => '(maximum number: 1000)', 'prefs-misc' => 'Misc', +'prefs-resetpass' => 'Change password', 'saveprefs' => 'Save', 'resetprefs' => 'Clear unsaved changes', 'oldpassword' => 'Old password:', diff --git a/maintenance/language/messages.inc b/maintenance/language/messages.inc index d1c188df87..c3b0fe8b7d 100644 --- a/maintenance/language/messages.inc +++ b/maintenance/language/messages.inc @@ -449,6 +449,10 @@ $wgMessageStructure = array( 'resetpass_bad_temporary', 'resetpass_forbidden', 'resetpass_missing', + 'resetpass-no-info', + 'resetpass-submit-loggedin', + 'resetpass-wrong-oldpass', + 'resetpass-temp-password', ), 'toolbar' => array( 'bold_sample', @@ -862,6 +866,7 @@ $wgMessageStructure = array( 'prefs-watchlist-edits', 'prefs-watchlist-edits-max', 'prefs-misc', + 'prefs-resetpass', 'saveprefs', 'resetprefs', 'oldpassword', -- 2.20.1