listed( false ); } public function doesWrites() { return true; } /** * Main execution point * @param string|null $par */ function execute( $par ) { $this->getOutput()->disallowUserJs(); parent::execute( $par ); } protected function checkExecutePermissions( User $user ) { parent::checkExecutePermissions( $user ); if ( !$this->getRequest()->wasPosted() ) { $this->requireLogin( 'resetpass-no-info' ); } } /** * Set a message at the top of the Change Password form * @since 1.23 * @param Message $msg Message to parse and add to the form header */ public function setChangeMessage( Message $msg ) { $this->mPreTextMessage = $msg; } /** * Set a message at the top of the Change Password form * @since 1.23 * @param string $msg Message label for old/temp password field */ public function setOldPasswordMessage( $msg ) { $this->mOldPassMsg = $msg; } protected function getFormFields() { $user = $this->getUser(); $request = $this->getRequest(); $oldpassMsg = $this->mOldPassMsg; if ( $oldpassMsg === null ) { $oldpassMsg = $user->isLoggedIn() ? 'oldpassword' : 'resetpass-temp-password'; } $fields = [ 'Name' => [ 'type' => 'info', 'label-message' => 'username', 'default' => $request->getVal( 'wpName', $user->getName() ), ], 'Password' => [ 'type' => 'password', 'label-message' => $oldpassMsg, ], 'NewPassword' => [ 'type' => 'password', 'label-message' => 'newpassword', ], 'Retype' => [ 'type' => 'password', 'label-message' => 'retypenew', ], ]; if ( !$this->getUser()->isLoggedIn() ) { $fields['LoginOnChangeToken'] = [ 'type' => 'hidden', 'label' => 'Change Password Token', 'default' => LoginForm::getLoginToken()->toString(), ]; } $extraFields = []; Hooks::run( 'ChangePasswordForm', [ &$extraFields ] ); foreach ( $extraFields as $extra ) { list( $name, $label, $type, $default ) = $extra; $fields[$name] = [ 'type' => $type, 'name' => $name, 'label-message' => $label, 'default' => $default, ]; } if ( !$user->isLoggedIn() ) { $fields['Remember'] = [ 'type' => 'check', 'label' => $this->msg( 'remembermypassword' ) ->numParams( ceil( $this->getConfig()->get( 'CookieExpiration' ) / ( 3600 * 24 ) ) )->text(), 'default' => $request->getVal( 'wpRemember' ), ]; } return $fields; } protected function alterForm( HTMLForm $form ) { $form->setId( 'mw-resetpass-form' ); $form->setTableId( 'mw-resetpass-table' ); $form->setWrapperLegendMsg( 'resetpass_header' ); $form->setSubmitTextMsg( $this->getUser()->isLoggedIn() ? 'resetpass-submit-loggedin' : 'resetpass_submit' ); $form->addButton( [ 'name' => 'wpCancel', 'value' => $this->msg( 'resetpass-submit-cancel' )->text() ] ); $form->setHeaderText( $this->msg( 'resetpass_text' )->parseAsBlock() ); if ( $this->mPreTextMessage instanceof Message ) { $form->addPreText( $this->mPreTextMessage->parseAsBlock() ); } $form->addHiddenFields( $this->getRequest()->getValues( 'wpName', 'wpDomain', 'returnto', 'returntoquery' ) ); } public function onSubmit( array $data ) { global $wgAuth; $request = $this->getRequest(); if ( $request->getCheck( 'wpLoginToken' ) ) { // This comes from Special:Userlogin when logging in with a temporary password return false; } if ( !$this->getUser()->isLoggedIn() && !LoginForm::getLoginToken()->match( $request->getVal( 'wpLoginOnChangeToken' ) ) ) { // Potential CSRF (bug 62497) return false; } if ( $request->getCheck( 'wpCancel' ) ) { $returnto = $request->getVal( 'returnto' ); $titleObj = $returnto !== null ? Title::newFromText( $returnto ) : null; if ( !$titleObj instanceof Title ) { $titleObj = Title::newMainPage(); } $query = $request->getVal( 'returntoquery' ); $this->getOutput()->redirect( $titleObj->getFullURL( $query ) ); return true; } $this->mUserName = $request->getVal( 'wpName', $this->getUser()->getName() ); $this->mDomain = $wgAuth->getDomain(); if ( !$wgAuth->allowPasswordChange() ) { throw new ErrorPageError( 'changepassword', 'resetpass_forbidden' ); } $status = $this->attemptReset( $data['Password'], $data['NewPassword'], $data['Retype'] ); return $status; } public function onSuccess() { if ( $this->getUser()->isLoggedIn() ) { $this->getOutput()->wrapWikiMsg( "