Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F4338
PasswordReset_body.php
Public
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
•
bzimport
Nov 21 2014, 9:56 PM
2014-11-21 21:56:07 (UTC+0)
Size
5 KB
Referenced Files
None
Subscribers
None
PasswordReset_body.php
View Options
<?php
/** \file
* \brief Contains code for the PasswordReset Class (extends SpecialPage).
*/
///Special page class for the Password Reset extension
/**
* Special page that allows users with the 'passwordreset' right, to reset local MW user's
* passwords
*
* @addtogroup Extensions
* @author Tim Laqua <t.laqua@gmail.com>
*/
class
PasswordReset
extends
SpecialPage
{
function
PasswordReset
()
{
SpecialPage
::
SpecialPage
(
"PasswordReset"
,
"passwordreset"
);
self
::
loadMessages
();
}
function
execute
(
$par
)
{
global
$wgRequest
,
$wgOut
,
$wgUser
,
$wgTitle
;
$this
->
setHeaders
();
if
(
!
$wgUser
->
isAllowed
(
'passwordreset'
)
)
{
$wgOut
->
permissionRequired
(
'passwordreset'
);
return
;
}
$username
=
Title
::
newFromText
(
$wgRequest
->
getText
(
'username'
)
);
$username_text
=
is_object
(
$username
)
?
$username
->
getText
()
:
''
;
if
(
strlen
(
$wgRequest
->
getText
(
'username'
).
$wgRequest
->
getText
(
'newpass'
).
$wgRequest
->
getText
(
'confirmpass'
))>
0
)
{
//POST data found
if
(
strlen
(
$username_text
)>
0
)
{
$objUser
=
User
::
newFromName
(
$username
->
getText
()
);
$userID
=
$objUser
->
idForName
();
if
(
!
is_object
(
$objUser
)
||
$userID
==
0
)
{
$validUser
=
false
;
$wgOut
->
addHTML
(
"<span style=
\"
color: red;
\"
>"
.
wfMsg
(
'passwordreset-invalidusername'
)
.
"</span><br>
\n
"
);
}
else
{
$validUser
=
true
;
}
}
else
{
$validUser
=
false
;
$wgOut
->
addHTML
(
"<span style=
\"
color: red;
\"
>"
.
wfMsg
(
'passwordreset-emptyusername'
)
.
"</span><br>
\n
"
);
}
$newpass
=
$wgRequest
->
getText
(
'newpass'
);
$confirmpass
=
$wgRequest
->
getText
(
'confirmpass'
);
if
(
$newpass
==
$confirmpass
&&
strlen
(
$newpass
.
$oldpass
)>
0
)
{
//Passwords match
$passMatch
=
true
;
}
else
{
//Passwords DO NOT match
$passMatch
=
false
;
$wgOut
->
addHTML
(
"<span style=
\"
color: red;
\"
>"
.
wfMsg
(
'passwordreset-nopassmatch'
)
.
"</span><br>
\n
"
);
}
if
(!
$wgUser
->
matchEditToken
(
$wgRequest
->
getVal
(
'token'
)
)
)
{
$validUser
=
false
;
$passMatch
=
false
;
$wgOut
->
addHTML
(
"<span style=
\"
color: red;
\"
>"
.
wfMsg
(
'passwordreset-badtoken'
)
.
"</span><br>
\n
"
);
}
}
$action
=
$wgTitle
->
escapeLocalUrl
();
$token
=
$wgUser
->
editToken
();
$wgOut
->
addHTML
(
"
<form id='passwordresetform' method='post' action=
\"
$action
\"
>
<table>
<tr>
<td align='right'>"
.
wfMsg
(
'passwordreset-username'
)
.
"</td>
<td align='left'><input tabindex='1' type='text' size='20' name='username' id='username' value=
\"
$username_text
\"
onFocus=
\"
document.getElementById('username').select;
\"
/></td>
</tr>
<tr>
<td align='right'>"
.
wfMsg
(
'passwordreset-newpass'
)
.
"</td>
<td align='left'><input tabindex='2' type='password' size='20' name='newpass' id='newpass' value=
\"
$newpass
\"
onFocus=
\"
document.getElementById('newpass').select;
\"
/></td>
</tr>
<tr>
<td align='right'>"
.
wfMsg
(
'passwordreset-confirmpass'
)
.
"</td>
<td align='left'><input tabindex='3' type='password' size='20' name='confirmpass' id='confirmpass' value=
\"
$confirmpass
\"
onFocus=
\"
document.getElementById('confirmpass').select;
\"
/></td>
</tr>
<tr>
<td> </td>
<td align='right'><input type='submit' name='submit' value=
\"
"
.
wfMsg
(
'passwordreset-submit'
)
.
"
\"
/></td>
</tr>
</table>
<input type='hidden' name='token' value='$token' />
</form>"
);
if
(
$validUser
&&
$passMatch
)
{
$wgOut
->
addWikiText
(
"<hr />
\n
"
);
$wgOut
->
addWikiText
(
$this
->
resetPassword
(
$userID
,
$newpass
)
);
}
else
{
//Invalid user or passwords don't match - do nothing
}
}
private
function
resetPassword
(
$userID
,
$newpass
)
{
$dbw
=&
wfGetDB
(
DB_MASTER
);
$dbw
->
update
(
'user'
,
array
(
'user_password'
=>
wfEncryptPassword
(
$userID
,
$newpass
)
),
array
(
'user_id'
=>
$userID
)
);
return
wfMsg
(
'passwordreset-success'
,
$userID
);
}
function
loadMessages
()
{
static
$messagesLoaded
=
false
;
global
$wgMessageCache
;
if
(
$messagesLoaded
)
return
true
;
$messagesLoaded
=
true
;
require
(
dirname
(
__FILE__
)
.
'/PasswordReset.i18n.php'
);
foreach
(
$allMessages
as
$lang
=>
$langMessages
)
{
$wgMessageCache
->
addMessages
(
$langMessages
,
$lang
);
}
return
true
;
}
}
File Metadata
Details
Attached
Mime Type
text/x-php
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3903
Default Alt Text
PasswordReset_body.php (5 KB)
Attached To
Mode
T13914: Change the 'userrights' requirement by 'passwordreset' in the PasswordReset extension
Attached
Detach File
Event Timeline
Log In to Comment