MediaWiki  master
SpecialPasswordReset.php
Go to the documentation of this file.
1 <?php
25 
37  private $passwordReset = null;
38 
42  private $result;
43 
47  private $method;
48 
49  public function __construct() {
50  parent::__construct( 'PasswordReset', 'editmyprivateinfo' );
51  }
52 
53  private function getPasswordReset() {
54  if ( $this->passwordReset === null ) {
55  $this->passwordReset = MediaWikiServices::getInstance()->getPasswordReset();
56  }
57  return $this->passwordReset;
58  }
59 
60  public function doesWrites() {
61  return true;
62  }
63 
64  public function userCanExecute( User $user ) {
65  return $this->getPasswordReset()->isAllowed( $user )->isGood();
66  }
67 
68  public function checkExecutePermissions( User $user ) {
69  $status = Status::wrap( $this->getPasswordReset()->isAllowed( $user ) );
70  if ( !$status->isGood() ) {
71  throw new ErrorPageError( 'internalerror', $status->getMessage() );
72  }
73 
74  parent::checkExecutePermissions( $user );
75  }
76 
77  protected function getFormFields() {
78  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
79  $a = [];
80  if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
81  $a['Username'] = [
82  'type' => 'text',
83  'default' => $this->getRequest()->getSession()->suggestLoginUsername(),
84  'label-message' => 'passwordreset-username',
85  ];
86 
87  if ( $this->getUser()->isLoggedIn() ) {
88  $a['Username']['default'] = $this->getUser()->getName();
89  }
90  }
91 
92  if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
93  $a['Email'] = [
94  'type' => 'email',
95  'label-message' => 'passwordreset-email',
96  ];
97  }
98 
99  return $a;
100  }
101 
102  protected function getDisplayFormat() {
103  return 'ooui';
104  }
105 
106  public function alterForm( HTMLForm $form ) {
107  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
108 
109  $form->setSubmitDestructive();
110 
111  $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
112 
113  $i = 0;
114  if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
115  $i++;
116  }
117  if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
118  $i++;
119  }
120 
121  $message = ( $i > 1 ) ? 'passwordreset-text-many' : 'passwordreset-text-one';
122 
123  $form->setHeaderText( $this->msg( $message, $i )->parseAsBlock() );
124  $form->setSubmitTextMsg( 'mailmypassword' );
125  }
126 
136  public function onSubmit( array $data ) {
137  $username = $data['Username'] ?? null;
138  $email = $data['Email'] ?? null;
139 
140  $this->method = $username ? 'username' : 'email';
141  $this->result = Status::wrap(
142  $this->getPasswordReset()->execute( $this->getUser(), $username, $email ) );
143 
144  if ( $this->result->hasMessage( 'actionthrottledtext' ) ) {
145  throw new ThrottledError;
146  }
147 
148  return $this->result;
149  }
150 
151  public function onSuccess() {
152  if ( $this->method === 'email' ) {
153  $this->getOutput()->addWikiMsg( 'passwordreset-emailsentemail' );
154  } else {
155  $this->getOutput()->addWikiMsg( 'passwordreset-emailsentusername' );
156  }
157 
158  $this->getOutput()->returnToMain();
159  }
160 
165  public function isListed() {
166  if ( $this->getPasswordReset()->isAllowed( $this->getUser() )->isGood() ) {
167  return parent::isListed();
168  }
169 
170  return false;
171  }
172 
173  protected function getGroupName() {
174  return 'users';
175  }
176 }
execute( $par)
Basic SpecialPage workflow: get a form, send it to the user; get some data back,. ...
getOutput()
Get the OutputPage being used for this instance.
Special page which uses an HTMLForm to handle processing.
addHiddenFields(array $fields)
Add an array of hidden fields to the output.
Definition: HTMLForm.php:960
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time).
Definition: User.php:51
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
setSubmitDestructive()
Identify that the submit button in the form has a destructive action.
Definition: HTMLForm.php:1378
An error page which can definitely be safely rendered using the OutputPage.
setHeaderText( $msg, $section=null)
Set header text, inside the form.
Definition: HTMLForm.php:828
Special page for requesting a password reset email.
onSubmit(array $data)
Process the form.
static wrap( $sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:55
getUser()
Shortcut to get the User executing this instance.
getConfig()
Shortcut to get main config object.
isListed()
Hide the password reset page if resets are disabled.
setSubmitTextMsg( $msg)
Set the text for the submit button to a message.
Definition: HTMLForm.php:1392
getRequest()
Get the WebRequest being used for this instance.
Show an error when the user hits a rate limit.