function execute( $par ) {
global $wgAuth;
- $this->checkReadOnly();
+ $this->setHeaders();
+ $this->outputHeader();
+ $this->getOutput()->disallowUserJs();
$request = $this->getRequest();
$this->mUserName = trim( $request->getVal( 'wpName' ) );
$this->mRetype = $request->getVal( 'wpRetype' );
$this->mDomain = $request->getVal( 'wpDomain' );
- $this->setHeaders();
- $this->outputHeader();
- $this->getOutput()->disallowUserJs();
-
$user = $this->getUser();
if( !$request->wasPosted() && !$user->isLoggedIn() ) {
$this->error( $this->msg( 'resetpass-no-info' )->text() );
return;
}
+ $this->checkReadOnly();
+
if( $request->wasPosted() && $user->matchEditToken( $request->getVal( 'token' ) ) ) {
try {
$this->mDomain = $wgAuth->getDomain();