* @ingroup SpecialPage
*/
class SpecialChangePassword extends FormSpecialPage {
-
- protected $mUserName, $mDomain;
+ protected $mUserName;
+ protected $mDomain;
// Optional Wikitext Message to show above the password change form
protected $mPreTextMessage = null;
$request = $this->getRequest();
$oldpassMsg = $this->mOldPassMsg;
- if ( !isset( $oldpassMsg ) ) {
+ if ( $oldpassMsg === null ) {
$oldpassMsg = $user->isLoggedIn() ? 'oldpassword' : 'resetpass-temp-password';
}
),
);
+ if ( !$this->getUser()->isLoggedIn() ) {
+ if ( !LoginForm::getLoginToken() ) {
+ LoginForm::setLoginToken();
+ }
+ $fields['LoginOnChangeToken'] = array(
+ 'type' => 'hidden',
+ 'label' => 'Change Password Token',
+ 'default' => LoginForm::getLoginToken(),
+ );
+ }
+
$extraFields = array();
wfRunHooks( 'ChangePasswordForm', array( &$extraFields ) );
foreach ( $extraFields as $extra ) {
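Review bot: The hidden field added at L22–L26 carries a raw English `'label' => 'Change Password Token'`; a hidden input has nothing to label, and the rest of this form uses message keys rather than literals, so the string is both dead weight and untranslatable — drop it: `$fields['LoginOnChangeToken'] = array( 'type' => 'hidden', 'default' => LoginForm::getLoginToken() );`. The block also deserves a why-comment, since nothing here says what the token protects against, e.g. `// Bind the logged-out form to the session login token so a forged cross-site submit is rejected (bug 62497).` The enclosing method starts and ends outside this hunk, so I cannot see how logged-in submissions are protected; that is presumably the edit token handled elsewhere.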
return false;
}
+ if ( !$this->getUser()->isLoggedIn()
+ && $request->getVal( 'wpLoginOnChangeToken' ) !== LoginForm::getLoginToken()
+ ) {
+ // Potential CSRF (bug 62497)
+ return false;
+ }
+
if ( $request->getCheck( 'wpCancel' ) ) {
$titleObj = Title::newFromText( $request->getVal( 'returnto' ) );
if ( !$titleObj instanceof Title ) {
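Review bot: The CSRF check added at L34–L36 is vacuous when the session has no login token yet: the render path on the previous hunk treats `LoginForm::getLoginToken()` as possibly falsy, and if it yields null while `wpLoginOnChangeToken` is simply absent, `null !== null` is false and the submit goes through unprotected. Fetch the session token once and reject on missing as well as on mismatch: `$token = LoginForm::getLoginToken();` followed by `if ( !$this->getUser()->isLoggedIn() && ( !$token || $request->getVal( 'wpLoginOnChangeToken' ) !== $token ) ) {` and `return false; // Potential CSRF (bug 62497)`. If the project's PHP floor permits it, `hash_equals( $token, (string)$request->getVal( 'wpLoginOnChangeToken' ) )` would also make the comparison constant-time. The enclosing submit handler begins before this hunk and its return path continues after it.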
if ( $isSelf ) {
// This is needed to keep the user connected since
// changing the password also modifies the user's token.
- $user->setCookies();
+ $remember = $this->getRequest()->getCookie( 'Token' ) !== null;
+ $user->setCookies( null, null, $remember );
}
$user->resetPasswordExpiration();
$user->saveSettings();
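Review bot: The `$remember` line at L48 infers the user's "remember me" choice from the mere presence of a `Token` cookie but does not say so, and a later reader may take it for a check on the cookie's value; a why-comment would fix that, e.g. `// A persistent Token cookie is only issued for "remember me", so keep that choice when the cookies are re-issued with the rotated user token.` The cookie is looked up by its bare name, which presumably relies on getCookie() applying the configured cookie prefix itself — worth confirming against WebRequest. The enclosing block starts and ends outside this hunk.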