MediaWiki  master
SpecialPasswordReset.php
Go to the documentation of this file.
1 <?php
25 
37  private $passwordReset = null;
38 
42  private $result;
43 
47  private $method;
48 
49  public function __construct() {
50  parent::__construct( 'PasswordReset', 'editmyprivateinfo' );
51  }
52 
53  private function getPasswordReset() {
54  if ( $this->passwordReset === null ) {
55  $this->passwordReset = MediaWikiServices::getInstance()->getPasswordReset();
56  }
57  return $this->passwordReset;
58  }
59 
60  public function doesWrites() {
61  return true;
62  }
63 
64  public function userCanExecute( User $user ) {
65  return $this->getPasswordReset()->isAllowed( $user )->isGood();
66  }
67 
68  public function checkExecutePermissions( User $user ) {
69  $status = Status::wrap( $this->getPasswordReset()->isAllowed( $user ) );
70  if ( !$status->isGood() ) {
71  throw new ErrorPageError( 'internalerror', $status->getMessage() );
72  }
73 
74  parent::checkExecutePermissions( $user );
75  }
76 
80  public function execute( $par ) {
81  $out = $this->getOutput();
82  $out->disallowUserJs();
83  parent::execute( $par );
84  }
85 
86  protected function getFormFields() {
87  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
88  $a = [];
89  if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
90  $a['Username'] = [
91  'type' => 'text',
92  'default' => $this->getRequest()->getSession()->suggestLoginUsername(),
93  'label-message' => 'passwordreset-username',
94  ];
95 
96  if ( $this->getUser()->isLoggedIn() ) {
97  $a['Username']['default'] = $this->getUser()->getName();
98  }
99  }
100 
101  if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
102  $a['Email'] = [
103  'type' => 'email',
104  'label-message' => 'passwordreset-email',
105  ];
106  }
107 
108  return $a;
109  }
110 
111  protected function getDisplayFormat() {
112  return 'ooui';
113  }
114 
115  public function alterForm( HTMLForm $form ) {
116  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
117 
118  $form->setSubmitDestructive();
119 
120  $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
121 
122  $i = 0;
123  if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
124  $i++;
125  }
126  if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
127  $i++;
128  }
129 
130  $message = ( $i > 1 ) ? 'passwordreset-text-many' : 'passwordreset-text-one';
131 
132  $form->setHeaderText( $this->msg( $message, $i )->parseAsBlock() );
133  $form->setSubmitTextMsg( 'mailmypassword' );
134  }
135 
145  public function onSubmit( array $data ) {
146  $username = $data['Username'] ?? null;
147  $email = $data['Email'] ?? null;
148 
149  $this->method = $username ? 'username' : 'email';
150  $this->result = Status::wrap(
151  $this->getPasswordReset()->execute( $this->getUser(), $username, $email ) );
152 
153  if ( $this->result->hasMessage( 'actionthrottledtext' ) ) {
154  throw new ThrottledError;
155  }
156 
157  return $this->result;
158  }
159 
164  public function onSuccess() {
165  $output = $this->getOutput();
166 
167  // Information messages.
168  $output->addWikiMsg( 'passwordreset-success' );
169  $output->addWikiMsg( 'passwordreset-success-details-generic',
170  $this->getConfig()->get( 'PasswordReminderResendTime' ) );
171 
172  // Confirmation of what the user has just submitted.
173  $info = "\n";
174  $postVals = $this->getRequest()->getPostValues();
175  if ( isset( $postVals['wpUsername'] ) && $postVals['wpUsername'] !== '' ) {
176  $info .= "* " . $this->msg( 'passwordreset-username' ) . ' '
177  . wfEscapeWikiText( $postVals['wpUsername'] ) . "\n";
178  }
179  if ( isset( $postVals['wpEmail'] ) && $postVals['wpEmail'] !== '' ) {
180  $info .= "* " . $this->msg( 'passwordreset-email' ) . ' '
181  . wfEscapeWikiText( $postVals['wpEmail'] ) . "\n";
182  }
183  $output->addWikiMsg( 'passwordreset-success-info', $info );
184 
185  // Link to main page.
186  $output->returnToMain();
187  }
188 
193  public function isListed() {
194  if ( $this->getPasswordReset()->isAllowed( $this->getUser() )->isGood() ) {
195  return parent::isListed();
196  }
197 
198  return false;
199  }
200 
201  protected function getGroupName() {
202  return 'users';
203  }
204 }
SpecialPasswordReset
Special page for requesting a password reset email.
Definition: SpecialPasswordReset.php:35
SpecialPasswordReset\getGroupName
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
Definition: SpecialPasswordReset.php:201
SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition: SpecialPage.php:800
SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition: SpecialPage.php:716
SpecialPasswordReset\isListed
isListed()
Hide the password reset page if resets are disabled.
Definition: SpecialPasswordReset.php:193
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition: MediaWikiServices.php:146
SpecialPasswordReset\$result
Status $result
Definition: SpecialPasswordReset.php:42
SpecialPasswordReset\doesWrites
doesWrites()
Indicates whether this special page may perform database writes.
Definition: SpecialPasswordReset.php:60
SpecialPasswordReset\getFormFields
getFormFields()
Get an HTMLForm descriptor array.
Definition: SpecialPasswordReset.php:86
HTMLForm\setHeaderText
setHeaderText( $msg, $section=null)
Set header text, inside the form.
Definition: HTMLForm.php:832
FormSpecialPage
Special page which uses an HTMLForm to handle processing.
Definition: FormSpecialPage.php:31
SpecialPasswordReset\getDisplayFormat
getDisplayFormat()
Get display format for the form.
Definition: SpecialPasswordReset.php:111
Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition: Status.php:42
SpecialPasswordReset\__construct
__construct()
Definition: SpecialPasswordReset.php:49
SpecialPage\getConfig
getConfig()
Shortcut to get main config object.
Definition: SpecialPage.php:766
SpecialPasswordReset\onSubmit
onSubmit(array $data)
Process the form.
Definition: SpecialPasswordReset.php:145
SpecialPasswordReset\$passwordReset
PasswordReset $passwordReset
Definition: SpecialPasswordReset.php:37
Status\wrap
static wrap( $sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:60
ThrottledError
Show an error when the user hits a rate limit.
Definition: ThrottledError.php:27
SpecialPasswordReset\checkExecutePermissions
checkExecutePermissions(User $user)
Called from execute() to check if the given user can perform this action.
Definition: SpecialPasswordReset.php:68
SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition: SpecialPage.php:726
FormSpecialPage\$par
string null $par
The sub-page of the special page.
Definition: FormSpecialPage.php:36
SpecialPasswordReset\onSuccess
onSuccess()
Show a message on the successful processing of the form.
Definition: SpecialPasswordReset.php:164
SpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition: SpecialPage.php:706
SpecialPasswordReset\execute
execute( $par)
Definition: SpecialPasswordReset.php:80
wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition: GlobalFunctions.php:1485
HTMLForm\setSubmitDestructive
setSubmitDestructive()
Identify that the submit button in the form has a destructive action.
Definition: HTMLForm.php:1374
HTMLForm\setSubmitTextMsg
setSubmitTextMsg( $msg)
Set the text for the submit button to a message.
Definition: HTMLForm.php:1388
SpecialPasswordReset\userCanExecute
userCanExecute(User $user)
Checks if the given user (identified by an object) can execute this special page (as defined by $mRes...
Definition: SpecialPasswordReset.php:64
HTMLForm\addHiddenFields
addHiddenFields(array $fields)
Add an array of hidden fields to the output.
Definition: HTMLForm.php:964
SpecialPasswordReset\alterForm
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
Definition: SpecialPasswordReset.php:115
SpecialPasswordReset\getPasswordReset
getPasswordReset()
Definition: SpecialPasswordReset.php:53
ErrorPageError
An error page which can definitely be safely rendered using the OutputPage.
Definition: ErrorPageError.php:27
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition: User.php:55
PasswordReset
Helper class for the password reset functionality shared by the web UI and the API.
Definition: PasswordReset.php:43
SpecialPasswordReset\$method
string $method
Identifies which password reset field was specified by the user.
Definition: SpecialPasswordReset.php:47
HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition: HTMLForm.php:133