MediaWiki  master
SpecialPasswordReset.php
Go to the documentation of this file.
1 <?php
25 
37  private $passwordReset = null;
38 
42  private $result;
43 
47  private $method;
48 
49  public function __construct() {
50  parent::__construct( 'PasswordReset', 'editmyprivateinfo' );
51  }
52 
53  private function getPasswordReset() {
54  if ( $this->passwordReset === null ) {
55  $this->passwordReset = MediaWikiServices::getInstance()->getPasswordReset();
56  }
57  return $this->passwordReset;
58  }
59 
60  public function doesWrites() {
61  return true;
62  }
63 
64  public function userCanExecute( User $user ) {
65  return $this->getPasswordReset()->isAllowed( $user )->isGood();
66  }
67 
68  public function checkExecutePermissions( User $user ) {
69  $status = Status::wrap( $this->getPasswordReset()->isAllowed( $user ) );
70  if ( !$status->isGood() ) {
71  throw new ErrorPageError( 'internalerror', $status->getMessage() );
72  }
73 
74  parent::checkExecutePermissions( $user );
75  }
76 
80  public function execute( $par ) {
81  $out = $this->getOutput();
82  $out->disallowUserJs();
83  parent::execute( $par );
84  }
85 
86  protected function getFormFields() {
87  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
88  $a = [];
89  if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
90  $a['Username'] = [
91  'type' => 'text',
92  'default' => $this->getRequest()->getSession()->suggestLoginUsername(),
93  'label-message' => 'passwordreset-username',
94  ];
95 
96  if ( $this->getUser()->isLoggedIn() ) {
97  $a['Username']['default'] = $this->getUser()->getName();
98  }
99  }
100 
101  if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
102  $a['Email'] = [
103  'type' => 'email',
104  'label-message' => 'passwordreset-email',
105  ];
106  }
107 
108  return $a;
109  }
110 
111  protected function getDisplayFormat() {
112  return 'ooui';
113  }
114 
115  public function alterForm( HTMLForm $form ) {
116  $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
117 
118  $form->setSubmitDestructive();
119 
120  $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
121 
122  $i = 0;
123  if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
124  $i++;
125  }
126  if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
127  $i++;
128  }
129 
130  $message = ( $i > 1 ) ? 'passwordreset-text-many' : 'passwordreset-text-one';
131 
132  $form->setHeaderText( $this->msg( $message, $i )->parseAsBlock() );
133  $form->setSubmitTextMsg( 'mailmypassword' );
134  }
135 
145  public function onSubmit( array $data ) {
146  $username = $data['Username'] ?? null;
147  $email = $data['Email'] ?? null;
148 
149  $this->method = $username ? 'username' : 'email';
150  $this->result = Status::wrap(
151  $this->getPasswordReset()->execute( $this->getUser(), $username, $email ) );
152 
153  if ( $this->result->hasMessage( 'actionthrottledtext' ) ) {
154  throw new ThrottledError;
155  }
156 
157  return $this->result;
158  }
159 
160  public function onSuccess() {
161  if ( $this->method === 'email' ) {
162  $this->getOutput()->addWikiMsg( 'passwordreset-emailsentemail' );
163  } else {
164  $this->getOutput()->addWikiMsg( 'passwordreset-emailsentusername' );
165  }
166 
167  $this->getOutput()->returnToMain();
168  }
169 
174  public function isListed() {
175  if ( $this->getPasswordReset()->isAllowed( $this->getUser() )->isGood() ) {
176  return parent::isListed();
177  }
178 
179  return false;
180  }
181 
182  protected function getGroupName() {
183  return 'users';
184  }
185 }
SpecialPasswordReset
Special page for requesting a password reset email.
Definition: SpecialPasswordReset.php:35
SpecialPasswordReset\getGroupName
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
Definition: SpecialPasswordReset.php:182
SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition: SpecialPage.php:792
SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition: SpecialPage.php:719
SpecialPasswordReset\isListed
isListed()
Hide the password reset page if resets are disabled.
Definition: SpecialPasswordReset.php:174
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition: MediaWikiServices.php:130
SpecialPasswordReset\$result
Status $result
Definition: SpecialPasswordReset.php:42
SpecialPasswordReset\doesWrites
doesWrites()
Indicates whether this special page may perform database writes.
Definition: SpecialPasswordReset.php:60
SpecialPasswordReset\getFormFields
getFormFields()
Get an HTMLForm descriptor array.
Definition: SpecialPasswordReset.php:86
HTMLForm\setHeaderText
setHeaderText( $msg, $section=null)
Set header text, inside the form.
Definition: HTMLForm.php:828
FormSpecialPage
Special page which uses an HTMLForm to handle processing.
Definition: FormSpecialPage.php:31
SpecialPasswordReset\getDisplayFormat
getDisplayFormat()
Get display format for the form.
Definition: SpecialPasswordReset.php:111
Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition: Status.php:40
SpecialPasswordReset\__construct
__construct()
Definition: SpecialPasswordReset.php:49
SpecialPage\getConfig
getConfig()
Shortcut to get main config object.
Definition: SpecialPage.php:758
SpecialPasswordReset\onSubmit
onSubmit(array $data)
Process the form.
Definition: SpecialPasswordReset.php:145
SpecialPasswordReset\$passwordReset
PasswordReset $passwordReset
Definition: SpecialPasswordReset.php:37
Status\wrap
static wrap( $sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:58
ThrottledError
Show an error when the user hits a rate limit.
Definition: ThrottledError.php:27
SpecialPasswordReset\checkExecutePermissions
checkExecutePermissions(User $user)
Called from execute() to check if the given user can perform this action.
Definition: SpecialPasswordReset.php:68
SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition: SpecialPage.php:729
FormSpecialPage\$par
string null $par
The sub-page of the special page.
Definition: FormSpecialPage.php:36
SpecialPasswordReset\onSuccess
onSuccess()
Do something exciting on successful processing of the form, most likely to show a confirmation messag...
Definition: SpecialPasswordReset.php:160
SpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition: SpecialPage.php:709
SpecialPasswordReset\execute
execute( $par)
Definition: SpecialPasswordReset.php:80
HTMLForm\setSubmitDestructive
setSubmitDestructive()
Identify that the submit button in the form has a destructive action.
Definition: HTMLForm.php:1371
HTMLForm\setSubmitTextMsg
setSubmitTextMsg( $msg)
Set the text for the submit button to a message.
Definition: HTMLForm.php:1385
SpecialPasswordReset\userCanExecute
userCanExecute(User $user)
Checks if the given user (identified by an object) can execute this special page (as defined by $mRes...
Definition: SpecialPasswordReset.php:64
HTMLForm\addHiddenFields
addHiddenFields(array $fields)
Add an array of hidden fields to the output.
Definition: HTMLForm.php:960
SpecialPasswordReset\alterForm
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
Definition: SpecialPasswordReset.php:115
SpecialPasswordReset\getPasswordReset
getPasswordReset()
Definition: SpecialPasswordReset.php:53
ErrorPageError
An error page which can definitely be safely rendered using the OutputPage.
Definition: ErrorPageError.php:27
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition: User.php:52
PasswordReset
Helper class for the password reset functionality shared by the web UI and the API.
Definition: PasswordReset.php:41
SpecialPasswordReset\$method
$method
Definition: SpecialPasswordReset.php:47
HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition: HTMLForm.php:131