MediaWiki  master
SpecialPasswordReset.php
Go to the documentation of this file.
1 <?php
35  private $passwordReset;
36 
40  private $result;
41 
45  private $method;
46 
51  parent::__construct( 'PasswordReset', 'editmyprivateinfo' );
52 
53  $this->passwordReset = $passwordReset;
54  }
55 
56  public function doesWrites() {
57  return true;
58  }
59 
60  public function userCanExecute( User $user ) {
61  return $this->passwordReset->isAllowed( $user )->isGood();
62  }
63 
64  public function checkExecutePermissions( User $user ) {
65  $status = Status::wrap( $this->passwordReset->isAllowed( $user ) );
66  if ( !$status->isGood() ) {
67  throw new ErrorPageError( 'internalerror', $status->getMessage() );
68  }
69 
70  parent::checkExecutePermissions( $user );
71  }
72 
76  public function execute( $par ) {
77  $out = $this->getOutput();
78  $out->disallowUserJs();
79  parent::execute( $par );
80  }
81 
82  protected function getFormFields() {
83  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
84  $a = [];
85  if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
86  $a['Username'] = [
87  'type' => 'text',
88  'default' => $this->getRequest()->getSession()->suggestLoginUsername(),
89  'label-message' => 'passwordreset-username',
90  ];
91 
92  if ( $this->getUser()->isLoggedIn() ) {
93  $a['Username']['default'] = $this->getUser()->getName();
94  }
95  }
96 
97  if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
98  $a['Email'] = [
99  'type' => 'email',
100  'label-message' => 'passwordreset-email',
101  ];
102  }
103 
104  return $a;
105  }
106 
107  protected function getDisplayFormat() {
108  return 'ooui';
109  }
110 
111  public function alterForm( HTMLForm $form ) {
112  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
113 
114  $form->setSubmitDestructive();
115 
116  $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
117 
118  $i = 0;
119  if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
120  $i++;
121  }
122  if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
123  $i++;
124  }
125 
126  $message = ( $i > 1 ) ? 'passwordreset-text-many' : 'passwordreset-text-one';
127 
128  $form->setHeaderText( $this->msg( $message, $i )->parseAsBlock() );
129  $form->setSubmitTextMsg( 'mailmypassword' );
130  }
131 
141  public function onSubmit( array $data ) {
142  $username = $data['Username'] ?? null;
143  $email = $data['Email'] ?? null;
144 
145  $this->method = $username ? 'username' : 'email';
146  $this->result = Status::wrap(
147  $this->passwordReset->execute( $this->getUser(), $username, $email ) );
148 
149  if ( $this->result->hasMessage( 'actionthrottledtext' ) ) {
150  throw new ThrottledError;
151  }
152 
153  return $this->result;
154  }
155 
160  public function onSuccess() {
161  $output = $this->getOutput();
162 
163  // Information messages.
164  $output->addWikiMsg( 'passwordreset-success' );
165  $output->addWikiMsg( 'passwordreset-success-details-generic',
166  $this->getConfig()->get( 'PasswordReminderResendTime' ) );
167 
168  // Confirmation of what the user has just submitted.
169  $info = "\n";
170  $postVals = $this->getRequest()->getPostValues();
171  if ( isset( $postVals['wpUsername'] ) && $postVals['wpUsername'] !== '' ) {
172  $info .= "* " . $this->msg( 'passwordreset-username' ) . ' '
173  . wfEscapeWikiText( $postVals['wpUsername'] ) . "\n";
174  }
175  if ( isset( $postVals['wpEmail'] ) && $postVals['wpEmail'] !== '' ) {
176  $info .= "* " . $this->msg( 'passwordreset-email' ) . ' '
177  . wfEscapeWikiText( $postVals['wpEmail'] ) . "\n";
178  }
179  $output->addWikiMsg( 'passwordreset-success-info', $info );
180 
181  // Link to main page.
182  $output->returnToMain();
183  }
184 
189  public function isListed() {
190  if ( $this->passwordReset->isAllowed( $this->getUser() )->isGood() ) {
191  return parent::isListed();
192  }
193 
194  return false;
195  }
196 
197  protected function getGroupName() {
198  return 'users';
199  }
200 }
SpecialPasswordReset
Special page for requesting a password reset email.
Definition: SpecialPasswordReset.php:33
SpecialPasswordReset\getGroupName
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
Definition: SpecialPasswordReset.php:197
SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition: SpecialPage.php:828
SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition: SpecialPage.php:744
SpecialPasswordReset\isListed
isListed()
Hide the password reset page if resets are disabled.
Definition: SpecialPasswordReset.php:189
SpecialPasswordReset\__construct
__construct(PasswordReset $passwordReset)
Definition: SpecialPasswordReset.php:50
SpecialPasswordReset\$result
Status $result
Definition: SpecialPasswordReset.php:40
SpecialPasswordReset\doesWrites
doesWrites()
Indicates whether this special page may perform database writes.
Definition: SpecialPasswordReset.php:56
SpecialPasswordReset\getFormFields
getFormFields()
Get an HTMLForm descriptor array.
Definition: SpecialPasswordReset.php:82
HTMLForm\setHeaderText
setHeaderText( $msg, $section=null)
Set header text, inside the form.
Definition: HTMLForm.php:841
FormSpecialPage
Special page which uses an HTMLForm to handle processing.
Definition: FormSpecialPage.php:31
SpecialPasswordReset\getDisplayFormat
getDisplayFormat()
Get display format for the form.
Definition: SpecialPasswordReset.php:107
Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition: Status.php:44
SpecialPage\getConfig
getConfig()
Shortcut to get main config object.
Definition: SpecialPage.php:794
SpecialPasswordReset\onSubmit
onSubmit(array $data)
Process the form.
Definition: SpecialPasswordReset.php:141
SpecialPasswordReset\$passwordReset
PasswordReset $passwordReset
Definition: SpecialPasswordReset.php:35
Status\wrap
static wrap( $sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:62
ThrottledError
Show an error when the user hits a rate limit.
Definition: ThrottledError.php:28
SpecialPasswordReset\checkExecutePermissions
checkExecutePermissions(User $user)
Called from execute() to check if the given user can perform this action.
Definition: SpecialPasswordReset.php:64
SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition: SpecialPage.php:754
FormSpecialPage\$par
string null $par
The sub-page of the special page.
Definition: FormSpecialPage.php:36
SpecialPasswordReset\onSuccess
onSuccess()
Show a message on the successful processing of the form.
Definition: SpecialPasswordReset.php:160
SpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition: SpecialPage.php:734
SpecialPasswordReset\execute
execute( $par)
Definition: SpecialPasswordReset.php:76
wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition: GlobalFunctions.php:1487
HTMLForm\setSubmitDestructive
setSubmitDestructive()
Identify that the submit button in the form has a destructive action.
Definition: HTMLForm.php:1393
HTMLForm\setSubmitTextMsg
setSubmitTextMsg( $msg)
Set the text for the submit button to a message.
Definition: HTMLForm.php:1407
SpecialPasswordReset\userCanExecute
userCanExecute(User $user)
Checks if the given user (identified by an object) can execute this special page (as defined by $mRes...
Definition: SpecialPasswordReset.php:60
HTMLForm\addHiddenFields
addHiddenFields(array $fields)
Add an array of hidden fields to the output.
Definition: HTMLForm.php:974
SpecialPasswordReset\alterForm
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
Definition: SpecialPasswordReset.php:111
ErrorPageError
An error page which can definitely be safely rendered using the OutputPage.
Definition: ErrorPageError.php:30
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition: User.php:55
PasswordReset
Helper class for the password reset functionality shared by the web UI and the API.
Definition: PasswordReset.php:43
SpecialPasswordReset\$method
string $method
Identifies which password reset field was specified by the user.
Definition: SpecialPasswordReset.php:45
HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition: HTMLForm.php:135