X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fspecials%2FSpecialChangePassword.php;h=ce769bfdc6b663fb18f9983ea4aa648767898072;hb=c2602eaed5c726e1b78cc9ecb55a94392e923642;hp=2d0d020cacd74766844d65922de87908f6e7f174;hpb=4a51a7f590385ad1abc77e2f8b884eb417cd93fc;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php index 2d0d020cac..ce769bfdc6 100644 --- a/includes/specials/SpecialChangePassword.php +++ b/includes/specials/SpecialChangePassword.php @@ -21,323 +21,16 @@ * @ingroup SpecialPage */ +use MediaWiki\Auth\PasswordAuthenticationRequest; + /** * Let users recover their password. * * @ingroup SpecialPage */ -class SpecialChangePassword extends FormSpecialPage { - protected $mUserName; - protected $mDomain; - - // Optional Wikitext Message to show above the password change form - protected $mPreTextMessage = null; - - // label for old password input - protected $mOldPassMsg = null; - +class SpecialChangePassword extends SpecialRedirectToSpecial { public function __construct() { - parent::__construct( 'ChangePassword', 'editmyprivateinfo' ); - $this->listed( false ); - } - - public function doesWrites() { - return true; - } - - /** - * Main execution point - * @param string|null $par - */ - function execute( $par ) { - $this->getOutput()->disallowUserJs(); - - parent::execute( $par ); - } - - protected function checkExecutePermissions( User $user ) { - parent::checkExecutePermissions( $user ); - - if ( !$this->getRequest()->wasPosted() ) { - $this->requireLogin( 'resetpass-no-info' ); - } - } - - /** - * Set a message at the top of the Change Password form - * @since 1.23 - * @param Message $msg Message to parse and add to the form header - */ - public function setChangeMessage( Message $msg ) { - $this->mPreTextMessage = $msg; - } - - /** - * Set a message at the top of the Change Password form - * @since 1.23 - * @param string $msg Message label for old/temp password field - */ - public function setOldPasswordMessage( $msg ) { - $this->mOldPassMsg = $msg; - } - - protected function getFormFields() { - $user = $this->getUser(); - $request = $this->getRequest(); - - $oldpassMsg = $this->mOldPassMsg; - if ( $oldpassMsg === null ) { - $oldpassMsg = $user->isLoggedIn() ? 'oldpassword' : 'resetpass-temp-password'; - } - - $fields = [ - 'Name' => [ - 'type' => 'info', - 'label-message' => 'username', - 'default' => $request->getVal( 'wpName', $user->getName() ), - ], - 'Password' => [ - 'type' => 'password', - 'label-message' => $oldpassMsg, - ], - 'NewPassword' => [ - 'type' => 'password', - 'label-message' => 'newpassword', - ], - 'Retype' => [ - 'type' => 'password', - 'label-message' => 'retypenew', - ], - ]; - - if ( !$this->getUser()->isLoggedIn() ) { - $fields['LoginOnChangeToken'] = [ - 'type' => 'hidden', - 'label' => 'Change Password Token', - 'default' => LoginForm::getLoginToken()->toString(), - ]; - } - - $extraFields = []; - Hooks::run( 'ChangePasswordForm', [ &$extraFields ] ); - foreach ( $extraFields as $extra ) { - list( $name, $label, $type, $default ) = $extra; - $fields[$name] = [ - 'type' => $type, - 'name' => $name, - 'label-message' => $label, - 'default' => $default, - ]; - } - - if ( !$user->isLoggedIn() ) { - $fields['Remember'] = [ - 'type' => 'check', - 'label' => $this->msg( 'remembermypassword' ) - ->numParams( - ceil( $this->getConfig()->get( 'CookieExpiration' ) / ( 3600 * 24 ) ) - )->text(), - 'default' => $request->getVal( 'wpRemember' ), - ]; - } - - return $fields; - } - - protected function alterForm( HTMLForm $form ) { - $form->setId( 'mw-resetpass-form' ); - $form->setTableId( 'mw-resetpass-table' ); - $form->setWrapperLegendMsg( 'resetpass_header' ); - $form->setSubmitTextMsg( - $this->getUser()->isLoggedIn() - ? 'resetpass-submit-loggedin' - : 'resetpass_submit' - ); - $form->addButton( [ - 'name' => 'wpCancel', - 'value' => $this->msg( 'resetpass-submit-cancel' )->text() - ] ); - $form->setHeaderText( $this->msg( 'resetpass_text' )->parseAsBlock() ); - if ( $this->mPreTextMessage instanceof Message ) { - $form->addPreText( $this->mPreTextMessage->parseAsBlock() ); - } - $form->addHiddenFields( - $this->getRequest()->getValues( 'wpName', 'wpDomain', 'returnto', 'returntoquery' ) ); - } - - public function onSubmit( array $data ) { - global $wgAuth; - - $request = $this->getRequest(); - - if ( $request->getCheck( 'wpLoginToken' ) ) { - // This comes from Special:Userlogin when logging in with a temporary password - return false; - } - - if ( !$this->getUser()->isLoggedIn() - && !LoginForm::getLoginToken()->match( $request->getVal( 'wpLoginOnChangeToken' ) ) - ) { - // Potential CSRF (bug 62497) - return false; - } - - if ( $request->getCheck( 'wpCancel' ) ) { - $returnto = $request->getVal( 'returnto' ); - $titleObj = $returnto !== null ? Title::newFromText( $returnto ) : null; - if ( !$titleObj instanceof Title ) { - $titleObj = Title::newMainPage(); - } - $query = $request->getVal( 'returntoquery' ); - $this->getOutput()->redirect( $titleObj->getFullURL( $query ) ); - - return true; - } - - $this->mUserName = $request->getVal( 'wpName', $this->getUser()->getName() ); - $this->mDomain = $wgAuth->getDomain(); - - if ( !$wgAuth->allowPasswordChange() ) { - throw new ErrorPageError( 'changepassword', 'resetpass_forbidden' ); - } - - $status = $this->attemptReset( $data['Password'], $data['NewPassword'], $data['Retype'] ); - - return $status; - } - - public function onSuccess() { - if ( $this->getUser()->isLoggedIn() ) { - $this->getOutput()->wrapWikiMsg( - "