From 2c4d67755733e2eac4fccfa1e36fd9afb31723b3 Mon Sep 17 00:00:00 2001 From: Chad Horohoe Date: Wed, 18 Mar 2009 19:55:48 +0000 Subject: [PATCH] Follow up to r47976 (bug 17722). For real this time: fix the regression where users can't reset passwords. Release notes were in previous commit. --- includes/specials/SpecialResetpass.php | 34 ++++++++++++++++++-------- includes/specials/SpecialUserlogin.php | 1 + 2 files changed, 25 insertions(+), 10 deletions(-) diff --git a/includes/specials/SpecialResetpass.php b/includes/specials/SpecialResetpass.php index 2884e00ff6..1b96f27a0c 100644 --- a/includes/specials/SpecialResetpass.php +++ b/includes/specials/SpecialResetpass.php @@ -11,10 +11,20 @@ class SpecialResetpass extends SpecialPage { private $mSelfChange = true; // Usually, but sometimes not :) + private $mUser = null; // The user requesting the reset public function __construct() { parent::__construct( 'Resetpass' ); } + + /** + * Sometimes the user requesting the password change is not $wgUser + * See bug 17722 + * @param User $usr + */ + public function setUser( $usr ) { + $this->mUser = $usr; + } /** * Main execution point @@ -28,6 +38,10 @@ class SpecialResetpass extends SpecialPage { $this->mRetype = $wgRequest->getVal( 'wpRetype' ); $this->mComment = $wgRequest->getVal( 'wpComment' ); + if ( is_null( $this->mUser ) ) { + $this->mUser = $wgUser; + } + $this->setHeaders(); $this->outputHeader(); @@ -38,25 +52,25 @@ class SpecialResetpass extends SpecialPage { // Default to our own username when not given one if ( !$this->mUserName ) { - $this->mUserName = $wgUser->getName(); + $this->mUserName = $this->mUser->getName(); } // Are we changing our own? - if ( $wgUser->getName() != $this->mUserName ) { + if ( $this->mUser->getName() != $this->mUserName ) { $this->mSelfChange = false; // We're changing someone else } - if( !$wgRequest->wasPosted() && !$wgUser->isLoggedIn() ) { + if( !$wgRequest->wasPosted() && !$this->mUser->isLoggedIn() ) { $this->error( wfMsg( 'resetpass-no-info' ) ); return; } - if ( !$this->mSelfChange && !$wgUser->isAllowed( 'reset-passwords' ) ) { + if ( !$this->mSelfChange && !$this->mUser->isAllowed( 'reset-passwords' ) ) { $this->error( wfMsg( 'resetpass-no-others' ) ); return; } - if( $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getVal('token') ) ) { + if( $wgRequest->wasPosted() && $this->mUser->matchEditToken( $wgRequest->getVal('token') ) ) { try { $this->attemptReset( $this->mNewpass, $this->mRetype ); $wgOut->addWikiMsg( 'resetpass_success' ); @@ -96,14 +110,14 @@ class SpecialResetpass extends SpecialPage { $wgOut->disallowUserJs(); - if ( $wgUser->isAllowed( 'reset-passwords') ) { + if ( $this->mUser->isAllowed( 'reset-passwords') ) { $wgOut->addScriptFile( 'changepassword.js' ); } $self = SpecialPage::getTitleFor( 'Resetpass' ); $rememberMe = ''; - if ( !$wgUser->isLoggedIn() ) { + if ( !$this->mUser->isLoggedIn() ) { $rememberMe = '' . '' . '' . @@ -124,16 +138,16 @@ class SpecialResetpass extends SpecialPage { 'method' => 'post', 'action' => $self->getLocalUrl(), 'id' => 'mw-resetpass-form' ) ) . - Xml::hidden( 'token', $wgUser->editToken() ) . + Xml::hidden( 'token', $this->mUser->editToken() ) . Xml::hidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) . wfMsgExt( 'resetpass_text', array( 'parse' ) ) . Xml::openElement( 'table', array( 'id' => 'mw-resetpass-table' ) ); $formElements = array( - array( 'wpName', 'username', 'text', $this->mUserName, $wgUser->isAllowed( 'reset-passwords' ) ), + array( 'wpName', 'username', 'text', $this->mUserName, $this->mUser->isAllowed( 'reset-passwords' ) ), array( 'wpPassword', $oldpassMsg, 'password', $this->mOldpass, $this->mSelfChange ), array( 'wpNewPassword', 'newpassword', 'password', '', true ), array( 'wpRetype', 'retypenew', 'password', '', true ) ); - if ( $wgUser->isAllowed( 'reset-passwords' ) && $this->mSelfChange ) + if ( $this->mUser->isAllowed( 'reset-passwords' ) && $this->mSelfChange ) $formElements[] = array( 'wpComment', 'resetpass-comment', 'text', $this->mComment, true ); $s .= $this->pretty( $formElements ) . $rememberMe . diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index e663cf4cb4..cb35ba6ec7 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -589,6 +589,7 @@ class LoginForm { global $wgOut; $wgOut->addHTML( Xml::element('p', array( 'class' => 'error' ), $error ) ); $reset = new SpecialResetpass(); + $reset->setUser( User::newFromName( $this->mName ) ); $reset->execute( $this->mName ); } -- 2.20.1