8 * Let users recover their password.
11 class SpecialResetpass
extends SpecialPage
{
12 public function __construct() {
13 parent
::__construct( 'Resetpass' );
16 public $mFormFields = array(
19 'label-message' => 'yourname',
24 'label-message' => 'oldpassword',
29 'NewPassword' => array(
31 'label-message' => 'newpassword',
33 'id' => 'wpNewPassword',
38 'label-message' => 'retypenew',
45 'label-message' => 'remembermypassword',
49 public $mSubmitMsg = 'resetpass-submit-loggedin';
50 public $mHeaderMsg = '';
51 public $mHeaderMsgType = 'error';
59 * Main execution point
61 function execute( $par ) {
62 global $wgUser, $wgAuth, $wgOut, $wgRequest;
64 $this->mUsername
= $wgRequest->getVal( 'wpName', $wgUser->getName() );
65 $this->mOldpass
= $wgRequest->getVal( 'wpPassword' );
66 $this->mNewpass
= $wgRequest->getVal( 'wpNewPassword' );
67 $this->mRetype
= $wgRequest->getVal( 'wpRetype' );
68 $this->mRemember
= $wgRequest->getVal( 'wpRemember' );
69 $this->mReturnTo
= $wgRequest->getVal( 'returnto' );
70 $this->mReturnToQuery
= $wgRequest->getVal( 'returntoquery' );
73 $this->outputHeader();
75 if( !$wgAuth->allowPasswordChange() ) {
76 $wgOut->showErrorPage( 'errorpagetitle', 'resetpass_forbidden' );
80 if( !$wgRequest->wasPosted() && !$wgUser->isLoggedIn() ) {
81 $wgOut->showErrorPage( 'errorpagetitle', 'resetpass-no-info' );
85 if( $wgRequest->wasPosted()
86 && $wgUser->matchEditToken( $wgRequest->getVal('wpEditToken') )
87 && $this->attemptReset() )
89 # Log the user in if they're not already (ie we're
90 # coming from the e-mail-password-reset route
91 if( !$wgUser->isLoggedIn() ) {
93 'wpName' => $this->mUsername
,
94 'wpPassword' => $this->mNewpass
,
95 'returnto' => $this->mReturnTo
,
97 if( $this->mRemember
) {
98 $data['wpRemember'] = 1;
100 $login = new Login( new FauxRequest( $data, true ) );
101 $login->attemptLogin();
103 # Redirect out to the appropriate target.
104 SpecialUserlogin
::successfulLogin(
107 $this->mReturnToQuery
,
111 # Redirect out to the appropriate target.
112 SpecialUserlogin
::successfulLogin(
115 $this->mReturnToQuery
123 function showForm() {
124 global $wgOut, $wgUser;
126 $wgOut->disallowUserJs();
128 if( $wgUser->isLoggedIn() ){
129 unset( $this->mFormFields
['Remember'] );
131 # Request is coming from Special:UserLogin after it
132 # authenticated someone with a temporary password.
133 $this->mFormFields
['Password']['label-message'] = 'resetpass-temp-password';
134 $this->mSubmitMsg
= 'resetpass_submit';
136 $this->mFormFields
['Name']['default'] = $this->mUsername
;
138 $header = $this->mHeaderMsg
139 ? Xml
::element( 'div', array( 'class' => "{$this->mHeaderMsgType}box" ), wfMsg( $this->mHeaderMsg
) )
142 $form = new HTMLForm( $this->mFormFields
, '' );
143 $form->suppressReset();
144 $form->setSubmitText( wfMsg( $this->mSubmitMsg
) );
145 $form->setTitle( $this->getTitle() );
150 . $form->getButtons()
151 . $form->getHiddenFields()
152 . Html
::hidden( 'wpName', $this->mUsername
)
153 . Html
::hidden( 'returnto', $this->mReturnTo
)
155 $formOutput = $form->wrapForm( $formContents );
159 . Html
::rawElement( 'fieldset', array( 'class' => 'visualClear' ), ''
160 . Html
::element( 'legend', array(), wfMsg( 'resetpass_header' ) )
167 * Try to reset the user's password
169 protected function attemptReset() {
170 $user = User
::newFromName( $this->mUsername
);
171 if( !$user ||
$user->isAnon() ) {
172 $this->mHeaderMsg
= 'no such user';
176 if( $this->mNewpass
!== $this->mRetype
) {
177 wfRunHooks( 'PrefsPasswordAudit', array( $user, $this->mNewpass
, 'badretype' ) );
178 $this->mHeaderMsg
= 'badretype';
182 if( !$user->checkTemporaryPassword($this->mOldpass
) && !$user->checkPassword($this->mOldpass
) ) {
183 wfRunHooks( 'PrefsPasswordAudit', array( $user, $this->mNewpass
, 'wrongpassword' ) );
184 $this->mHeaderMsg
= 'resetpass-wrong-oldpass';
189 $user->setPassword( $this->mNewpass
);
190 wfRunHooks( 'PrefsPasswordAudit', array( $user, $this->mNewpass
, 'success' ) );
191 $this->mNewpass
= $this->mOldpass
= $this->mRetypePass
= '';
192 } catch( PasswordError
$e ) {
193 wfRunHooks( 'PrefsPasswordAudit', array( $user, $this->mNewpass
, 'error' ) );
194 $this->mHeaderMsg
= $e->getMessage();
199 $user->saveSettings();