search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
(bug 35565) Special:Log/patrol doesn't indicate whether patrolling was automatic
[mediawiki.git] / includes / specials / SpecialPasswordReset.php
blob683a71422a201fd71bbfbf3189470e7b3a64e7ef
1 <?php
2 /**
3 * Implements Special:PasswordReset
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 /**
25 * Special page for requesting a password reset email
26 *
27 * @ingroup SpecialPage
28 */
29 class SpecialPasswordReset extends FormSpecialPage {
30
31 /**
32 * @var Message
33 */
34 private $email;
35
36 /**
37 * @var Status
38 */
39 private $result;
40
41 public function __construct() {
42 parent::__construct( 'PasswordReset' );
43 }
44
45 public function userCanExecute( User $user ) {
46 return $this->canChangePassword( $user ) === true && parent::userCanExecute( $user );
47 }
48
49 public function checkExecutePermissions( User $user ) {
50 $error = $this->canChangePassword( $user );
51 if ( is_string( $error ) ) {
52 throw new ErrorPageError( 'internalerror', $error );
53 } elseif ( !$error ) {
54 throw new ErrorPageError( 'internalerror', 'resetpass_forbidden' );
55 }
56
57 return parent::checkExecutePermissions( $user );
58 }
59
60 protected function getFormFields() {
61 global $wgPasswordResetRoutes, $wgAuth;
62 $a = array();
63 if ( isset( $wgPasswordResetRoutes['username'] ) && $wgPasswordResetRoutes['username'] ) {
64 $a['Username'] = array(
65 'type' => 'text',
66 'label-message' => 'passwordreset-username',
67 );
68 if( $this->getUser()->isLoggedIn() ) {
69 $a['Username']['default'] = $this->getUser()->getName();
70 }
71 }
72
73 if ( isset( $wgPasswordResetRoutes['email'] ) && $wgPasswordResetRoutes['email'] ) {
74 $a['Email'] = array(
75 'type' => 'email',
76 'label-message' => 'passwordreset-email',
77 );
78 }
79
80 if ( isset( $wgPasswordResetRoutes['domain'] ) && $wgPasswordResetRoutes['domain'] ) {
81 $domains = $wgAuth->domainList();
82 $a['Domain'] = array(
83 'type' => 'select',
84 'options' => $domains,
85 'label-message' => 'passwordreset-domain',
86 );
87 }
88
89 if( $this->getUser()->isAllowed( 'passwordreset' ) ){
90 $a['Capture'] = array(
91 'type' => 'check',
92 'label-message' => 'passwordreset-capture',
93 'help-message' => 'passwordreset-capture-help',
94 );
95 }
96
97 return $a;
98 }
99
100 public function alterForm( HTMLForm $form ) {
101 $form->setSubmitTextMsg( 'mailmypassword' );
102 }
103
104 protected function preText() {
105 global $wgPasswordResetRoutes;
106 $i = 0;
107 if ( isset( $wgPasswordResetRoutes['username'] ) && $wgPasswordResetRoutes['username'] ) {
108 $i++;
109 }
110 if ( isset( $wgPasswordResetRoutes['email'] ) && $wgPasswordResetRoutes['email'] ) {
111 $i++;
112 }
113 if ( isset( $wgPasswordResetRoutes['domain'] ) && $wgPasswordResetRoutes['domain'] ) {
114 $i++;
115 }
116 return $this->msg( 'passwordreset-pretext', $i )->parseAsBlock();
117 }
118
119 /**
120 * Process the form. At this point we know that the user passes all the criteria in
121 * userCanExecute(), and if the data array contains 'Username', etc, then Username
122 * resets are allowed.
123 * @param $data array
124 * @return Bool|Array
125 */
126 public function onSubmit( array $data ) {
127 global $wgAuth;
128
129 if ( isset( $data['Domain'] ) ) {
130 if ( $wgAuth->validDomain( $data['Domain'] ) ) {
131 $wgAuth->setDomain( $data['Domain'] );
132 } else {
133 $wgAuth->setDomain( 'invaliddomain' );
134 }
135 }
136
137 if( isset( $data['Capture'] ) && !$this->getUser()->isAllowed( 'passwordreset' ) ){
138 // The user knows they don't have the passwordreset permission, but they tried to spoof the form. That's naughty
139 throw new PermissionsError( 'passwordreset' );
140 }
141
142 /**
143 * @var $firstUser User
144 * @var $users User[]
145 */
146
147 if ( isset( $data['Username'] ) && $data['Username'] !== '' ) {
148 $method = 'username';
149 $users = array( User::newFromName( $data['Username'] ) );
150 } elseif ( isset( $data['Email'] )
151 && $data['Email'] !== ''
152 && Sanitizer::validateEmail( $data['Email'] ) )
153 {
154 $method = 'email';
155 $res = wfGetDB( DB_SLAVE )->select(
156 'user',
157 '*',
158 array( 'user_email' => $data['Email'] ),
159 __METHOD__
160 );
161 if ( $res ) {
162 $users = array();
163 foreach( $res as $row ){
164 $users[] = User::newFromRow( $row );
165 }
166 } else {
167 // Some sort of database error, probably unreachable
168 throw new MWException( 'Unknown database error in ' . __METHOD__ );
169 }
170 } else {
171 // The user didn't supply any data
172 return false;
173 }
174
175 // Check for hooks (captcha etc), and allow them to modify the users list
176 $error = array();
177 if ( !wfRunHooks( 'SpecialPasswordResetOnSubmit', array( &$users, $data, &$error ) ) ) {
178 return array( $error );
179 }
180
181 if( count( $users ) == 0 ){
182 if( $method == 'email' ){
183 // Don't reveal whether or not an email address is in use
184 return true;
185 } else {
186 return array( 'noname' );
187 }
188 }
189
190 $firstUser = $users[0];
191
192 if ( !$firstUser instanceof User || !$firstUser->getID() ) {
193 return array( array( 'nosuchuser', $data['Username'] ) );
194 }
195
196 // Check against the rate limiter
197 if ( $this->getUser()->pingLimiter( 'mailpassword' ) ) {
198 throw new ThrottledError;
199 }
200
201 // Check against password throttle
202 foreach ( $users as $user ) {
203 if ( $user->isPasswordReminderThrottled() ) {
204 global $wgPasswordReminderResendTime;
205 # Round the time in hours to 3 d.p., in case someone is specifying
206 # minutes or seconds.
207 return array( array( 'throttled-mailpassword', round( $wgPasswordReminderResendTime, 3 ) ) );
208 }
209 }
210
211 global $wgNewPasswordExpiry;
212
213 // All the users will have the same email address
214 if ( $firstUser->getEmail() == '' ) {
215 // This won't be reachable from the email route, so safe to expose the username
216 return array( array( 'noemail', $firstUser->getName() ) );
217 }
218
219 // We need to have a valid IP address for the hook, but per bug 18347, we should
220 // send the user's name if they're logged in.
221 $ip = $this->getRequest()->getIP();
222 if ( !$ip ) {
223 return array( 'badipaddress' );
224 }
225 $caller = $this->getUser();
226 wfRunHooks( 'User::mailPasswordInternal', array( &$caller, &$ip, &$firstUser ) );
227 $username = $caller->getName();
228 $msg = IP::isValid( $username )
229 ? 'passwordreset-emailtext-ip'
230 : 'passwordreset-emailtext-user';
231
232 $passwords = array();
233 foreach ( $users as $user ) {
234 $password = $user->randomPassword();
235 $user->setNewpassword( $password );
236 $user->saveSettings();
237 $passwords[] = $this->msg( 'passwordreset-emailelement', $user->getName(), $password )->plain(); // We'll escape the whole thing later
238 }
239 $passwordBlock = implode( "\n\n", $passwords );
240
241 // Send in the user's language; which should hopefully be the same
242 $userLanguage = $firstUser->getOption( 'language' );
243
244 $this->email = $this->msg( $msg )->inLanguage( $userLanguage );
245 $this->email->params(
246 $username,
247 $passwordBlock,
248 count( $passwords ),
249 Title::newMainPage()->getCanonicalUrl(),
250 round( $wgNewPasswordExpiry / 86400 )
251 );
252
253 $title = $this->msg( 'passwordreset-emailtitle' );
254
255 $this->result = $firstUser->sendMail( $title->escaped(), $this->email->escaped() );
256
257 // Blank the email if the user is not supposed to see it
258 if( !isset( $data['Capture'] ) || !$data['Capture'] ) {
259 $this->email = null;
260 }
261
262 if ( $this->result->isGood() ) {
263 return true;
264 } elseif( isset( $data['Capture'] ) && $data['Capture'] ){
265 // The email didn't send, but maybe they knew that and that's why they captured it
266 return true;
267 } else {
268 // @todo FIXME: The email didn't send, but we have already set the password throttle
269 // timestamp, so they won't be able to try again until it expires... :(
270 return array( array( 'mailerror', $this->result->getMessage() ) );
271 }
272 }
273
274 public function onSuccess() {
275 if( $this->getUser()->isAllowed( 'passwordreset' ) && $this->email != null ){
276 // @todo: Logging
277
278 if( $this->result->isGood() ){
279 $this->getOutput()->addWikiMsg( 'passwordreset-emailsent-capture' );
280 } else {
281 $this->getOutput()->addWikiMsg( 'passwordreset-emailerror-capture', $this->result->getMessage() );
282 }
283
284 $this->getOutput()->addHTML( Html::rawElement( 'pre', array(), $this->email->escaped() ) );
285 }
286
287 $this->getOutput()->addWikiMsg( 'passwordreset-emailsent' );
288 $this->getOutput()->returnToMain();
289 }
290
291 protected function canChangePassword( User $user ) {
292 global $wgPasswordResetRoutes, $wgAuth;
293
294 // Maybe password resets are disabled, or there are no allowable routes
295 if ( !is_array( $wgPasswordResetRoutes ) ||
296 !in_array( true, array_values( $wgPasswordResetRoutes ) ) )
297 {
298 return 'passwordreset-disabled';
299 }
300
301 // Maybe the external auth plugin won't allow local password changes
302 if ( !$wgAuth->allowPasswordChange() ) {
303 return 'resetpass_forbidden';
304 }
305
306 // Maybe the user is blocked (check this here rather than relying on the parent
307 // method as we have a more specific error message to use here
308 if ( $user->isBlocked() ) {
309 return 'blocked-mailpassword';
310 }
311
312 return true;
313 }
314
315 /**
316 * Hide the password reset page if resets are disabled.
317 * @return Bool
318 */
319 function isListed() {
320 if ( $this->canChangePassword( $this->getUser() ) === true ) {
321 return parent::isListed();
322 }
323
324 return false;
325 }
326 }
MediaWiki Core