search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Localisation updates for core messages from translatewiki.net
[mediawiki.git] / includes / specials / SpecialResetpass.php
blobdf0969efdfb7a276f9093624258a287d70bd0931
1 <?php
2 /**
3 * @file
4 * @ingroup SpecialPage
5 */
6
7 /**
8 * Let users recover their password.
9 * @ingroup SpecialPage
10 */
11 class SpecialResetpass extends SpecialPage {
12 public function __construct() {
13 parent::__construct( 'Resetpass' );
14 }
15
16 public $mFormFields = array(
17 'Name' => array(
18 'type' => 'info',
19 'label-message' => 'yourname',
20 'default' => '',
21 ),
22 'Password' => array(
23 'type' => 'password',
24 'label-message' => 'oldpassword',
25 'size' => '20',
26 'id' => 'wpPassword',
27 'required' => '',
28 ),
29 'NewPassword' => array(
30 'type' => 'password',
31 'label-message' => 'newpassword',
32 'size' => '20',
33 'id' => 'wpNewPassword',
34 'required' => '',
35 ),
36 'Retype' => array(
37 'type' => 'password',
38 'label-message' => 'retypenew',
39 'size' => '20',
40 'id' => 'wpRetype',
41 'required' => '',
42 ),
43 'Remember' => array(
44 'type' => 'check',
45 'label-message' => 'remembermypassword',
46 'id' => 'wpRemember',
47 ),
48 );
49 public $mSubmitMsg = 'resetpass-submit-loggedin';
50 public $mHeaderMsg = '';
51 public $mHeaderMsgType = 'error';
52
53 protected $mUsername;
54 protected $mOldpass;
55 protected $mNewpass;
56 protected $mRetype;
57
58 /**
59 * Main execution point
60 */
61 function execute( $par ) {
62 global $wgUser, $wgAuth, $wgOut, $wgRequest;
63
64 $this->mUsername = $wgRequest->getVal( 'wpName', $wgUser->getName() );
65 $this->mOldpass = $wgRequest->getVal( 'wpPassword' );
66 $this->mNewpass = $wgRequest->getVal( 'wpNewPassword' );
67 $this->mRetype = $wgRequest->getVal( 'wpRetype' );
68 $this->mRemember = $wgRequest->getVal( 'wpRemember' );
69 $this->mReturnTo = $wgRequest->getVal( 'returnto' );
70 $this->mReturnToQuery = $wgRequest->getVal( 'returntoquery' );
71
72 $this->setHeaders();
73 $this->outputHeader();
74
75 if( !$wgAuth->allowPasswordChange() ) {
76 $wgOut->showErrorPage( 'errorpagetitle', 'resetpass_forbidden' );
77 return false;
78 }
79
80 if( !$wgRequest->wasPosted() && !$wgUser->isLoggedIn() ) {
81 $wgOut->showErrorPage( 'errorpagetitle', 'resetpass-no-info' );
82 return false;
83 }
84
85 if( $wgRequest->wasPosted()
86 && $wgUser->matchEditToken( $wgRequest->getVal('wpEditToken') )
87 && $this->attemptReset() )
88 {
89 # Log the user in if they're not already (ie we're
90 # coming from the e-mail-password-reset route
91 if( !$wgUser->isLoggedIn() ) {
92 $data = array(
93 'wpName' => $this->mUsername,
94 'wpPassword' => $this->mNewpass,
95 'returnto' => $this->mReturnTo,
96 );
97 if( $this->mRemember ) {
98 $data['wpRemember'] = 1;
99 }
100 $login = new Login( new FauxRequest( $data, true ) );
101 $login->attemptLogin();
102
103 # Redirect out to the appropriate target.
104 SpecialUserlogin::successfulLogin(
105 'resetpass_success',
106 $this->mReturnTo,
107 $this->mReturnToQuery,
108 $login->mLoginResult
109 );
110 } else {
111 # Redirect out to the appropriate target.
112 SpecialUserlogin::successfulLogin(
113 'resetpass_success',
114 $this->mReturnTo,
115 $this->mReturnToQuery
116 );
117 }
118 } else {
119 $this->showForm();
120 }
121 }
122
123 function showForm() {
124 global $wgOut, $wgUser;
125
126 $wgOut->disallowUserJs();
127
128 if( $wgUser->isLoggedIn() ){
129 unset( $this->mFormFields['Remember'] );
130 } else {
131 # Request is coming from Special:UserLogin after it
132 # authenticated someone with a temporary password.
133 $this->mFormFields['Password']['label-message'] = 'resetpass-temp-password';
134 $this->mSubmitMsg = 'resetpass_submit';
135 }
136 $this->mFormFields['Name']['default'] = $this->mUsername;
137
138 $header = $this->mHeaderMsg
139 ? Xml::element( 'div', array( 'class' => "{$this->mHeaderMsgType}box" ), wfMsg( $this->mHeaderMsg ) )
140 : '';
141
142 $form = new HTMLForm( $this->mFormFields, '' );
143 $form->suppressReset();
144 $form->setSubmitText( wfMsg( $this->mSubmitMsg ) );
145 $form->setTitle( $this->getTitle() );
146 $form->loadData();
147
148 $formContents = ''
149 . $form->getBody()
150 . $form->getButtons()
151 . $form->getHiddenFields()
152 . Html::hidden( 'wpName', $this->mUsername )
153 . Html::hidden( 'returnto', $this->mReturnTo )
154 ;
155 $formOutput = $form->wrapForm( $formContents );
156
157 $wgOut->addHTML(
158 $header
159 . Html::rawElement( 'fieldset', array( 'class' => 'visualClear' ), ''
160 . Html::element( 'legend', array(), wfMsg( 'resetpass_header' ) )
161 . $formOutput
162 )
163 );
164 }
165
166 /**
167 * Try to reset the user's password
168 */
169 protected function attemptReset() {
170 $user = User::newFromName( $this->mUsername );
171 if( !$user || $user->isAnon() ) {
172 $this->mHeaderMsg = 'no such user';
173 return false;
174 }
175
176 if( $this->mNewpass !== $this->mRetype ) {
177 wfRunHooks( 'PrefsPasswordAudit', array( $user, $this->mNewpass, 'badretype' ) );
178 $this->mHeaderMsg = 'badretype';
179 return false;
180 }
181
182 if( !$user->checkTemporaryPassword($this->mOldpass) && !$user->checkPassword($this->mOldpass) ) {
183 wfRunHooks( 'PrefsPasswordAudit', array( $user, $this->mNewpass, 'wrongpassword' ) );
184 $this->mHeaderMsg = 'resetpass-wrong-oldpass';
185 return false;
186 }
187
188 try {
189 $user->setPassword( $this->mNewpass );
190 wfRunHooks( 'PrefsPasswordAudit', array( $user, $this->mNewpass, 'success' ) );
191 $this->mNewpass = $this->mOldpass = $this->mRetypePass = '';
192 } catch( PasswordError $e ) {
193 wfRunHooks( 'PrefsPasswordAudit', array( $user, $this->mNewpass, 'error' ) );
194 $this->mHeaderMsg = $e->getMessage();
195 return false;
196 }
197
198 $user->setCookies();
199 $user->saveSettings();
200 return true;
201 }
202 }
MediaWiki Core