- /**
- * @private
- */
- function mailPassword() {
- global $wgUser, $wgOut, $wgAuth;
-
- if ( wfReadOnly() ) {
- $wgOut->readOnlyPage();
- return false;
- }
-
- if( !$wgAuth->allowPasswordChange() ) {
- $this->mainLoginForm( wfMsg( 'resetpass_forbidden' ) );
- return;
- }
-
- # Check against blocked IPs so blocked users can't flood admins
- # with password resets
- if( $wgUser->isBlocked() ) {
- $this->mainLoginForm( wfMsg( 'blocked-mailpassword' ) );
- return;
- }
-
- # Check for hooks
- $error = null;
- if ( !wfRunHooks( 'UserLoginMailPassword', array( $this->mName, &$error ) ) ) {
- $this->mainLoginForm( $error );
- return;
- }
-
- # If the user doesn't have a login token yet, set one.
- if ( !self::getLoginToken() ) {
- self::setLoginToken();
- $this->mainLoginForm( wfMsg( 'sessionfailure' ) );
- return;
- }
-
- # If the user didn't pass a login token, tell them we need one
- if ( !$this->mToken ) {
- $this->mainLoginForm( wfMsg( 'sessionfailure' ) );
- return;
- }
-
- # Check against the rate limiter
- if( $wgUser->pingLimiter( 'mailpassword' ) ) {
- $wgOut->rateLimited();
- return;
- }
-
- if ( $this->mName == '' ) {
- $this->mainLoginForm( wfMsg( 'noname' ) );
- return;
- }
- $u = User::newFromName( $this->mName );
- if( !$u instanceof User ) {
- $this->mainLoginForm( wfMsg( 'noname' ) );
- return;
- }
- if ( 0 == $u->getID() ) {
- $this->mainLoginForm( wfMsgWikiHtml( 'nosuchuser', htmlspecialchars( $u->getName() ) ) );
- return;
- }
-
- # Validate the login token
- if ( $this->mToken !== self::getLoginToken() ) {
- $this->mainLoginForm( wfMsg( 'sessionfailure' ) );
- return;
- }
-
- # Check against password throttle
- if ( $u->isPasswordReminderThrottled() ) {
- global $wgPasswordReminderResendTime;
- # Round the time in hours to 3 d.p., in case someone is specifying
- # minutes or seconds.
- $this->mainLoginForm( wfMsgExt( 'throttled-mailpassword', array( 'parsemag' ),
- round( $wgPasswordReminderResendTime, 3 ) ) );
- return;
- }
-
- $result = $this->mailPasswordInternal( $u, true, 'passwordremindertitle', 'passwordremindertext' );
- if( WikiError::isError( $result ) ) {
- $this->mainLoginForm( wfMsg( 'mailerror', $result->getMessage() ) );
- } else {
- $this->mainLoginForm( wfMsg( 'passwordsent', $u->getName() ), 'success' );
- self::clearLoginToken();
- }
- }
-
-