r43841 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r43840‎ \| r43841 \| r43842 >
Date:	05:03, 22 November 2008
Author:	mrzman
Status:	resolved (Comments)
Tags:
Comment:	Move password resetting out of Special:Preferences, adapt Special:ResetPass to do the job, add Special:ChangePassword as an alias.
Modified paths:	/trunk/phase3/RELEASE-NOTES (modified) (history) /trunk/phase3/includes/SpecialPage.php (modified) (history) /trunk/phase3/includes/specials/SpecialPreferences.php (modified) (history) /trunk/phase3/includes/specials/SpecialResetpass.php (modified) (history) /trunk/phase3/includes/specials/SpecialUserlogin.php (modified) (history) /trunk/phase3/languages/messages/MessagesEn.php (modified) (history) /trunk/phase3/maintenance/language/messages.inc (modified) (history)

Diff [purge]

Index: trunk/phase3/maintenance/language/messages.inc
—	—	@@ -449,6 +449,10 @@
450	450	'resetpass_bad_temporary',
451	451	'resetpass_forbidden',
452	452	'resetpass_missing',
	453	+ 'resetpass-no-info',
	454	+ 'resetpass-submit-loggedin',
	455	+ 'resetpass-wrong-oldpass',
	456	+ 'resetpass-temp-password',
453	457	),
454	458	'toolbar' => array(
455	459	'bold_sample',
—	—	@@ -862,6 +866,7 @@
863	867	'prefs-watchlist-edits',
864	868	'prefs-watchlist-edits-max',
865	869	'prefs-misc',
	870	+ 'prefs-resetpass',
866	871	'saveprefs',
867	872	'resetprefs',
868	873	'oldpassword',
Index: trunk/phase3/includes/specials/SpecialPreferences.php
—	—	@@ -21,7 +21,7 @@
22	22	* @ingroup SpecialPage
23	23	*/
24	24	class PreferencesForm {
25		~~- var $mQuickbar, $mOldpass, $mNewpass, $mRetypePass, $mStubs;~~
	25	+ var $mQuickbar, $mStubs;
26	26	var $mRows, $mCols, $mSkin, $mMath, $mDate, $mUserEmail, $mEmailFlag, $mNick;
27	27	var $mUserLanguage, $mUserVariant;
28	28	var $mSearch, $mRecent, $mRecentDays, $mHourDiff, $mSearchLines, $mSearchChars, $mAction;
—	—	@@ -36,9 +36,6 @@
37	37	global $wgContLang, $wgUser, $wgAllowRealName;
38	38
39	39	$this->mQuickbar = $request->getVal( 'wpQuickbar' );
40		~~- $this->mOldpass = $request->getVal( 'wpOldpass' );~~
41		~~- $this->mNewpass = $request->getVal( 'wpNewpass' );~~
42		~~- $this->mRetypePass =$request->getVal( 'wpRetypePass' );~~
43	40	$this->mStubs = $request->getVal( 'wpStubs' );
44	41	$this->mRows = $request->getVal( 'wpRows' );
45	42	$this->mCols = $request->getVal( 'wpCols' );
—	—	@@ -212,30 +209,6 @@
213	210	global $wgEmailAuthentication, $wgRCMaxAge;
214	211	global $wgAuth, $wgEmailConfirmToEdit;
215	212
216		-
217		~~- if ( ($this->mNewpass !== '' \|\| $this->mOldpass !== '' ) && $wgAuth->allowPasswordChange() ) {~~
218		~~- if ( $this->mNewpass != $this->mRetypePass ) {~~
219		~~- wfRunHooks( 'PrefsPasswordAudit', array( $wgUser, $this->mNewpass, 'badretype' ) );~~
220		~~- $this->mainPrefsForm( 'error', wfMsg( 'badretype' ) );~~
221		~~- return;~~
222		~~- }~~
223		-
224		~~- if (!$wgUser->checkPassword( $this->mOldpass )) {~~
225		~~- wfRunHooks( 'PrefsPasswordAudit', array( $wgUser, $this->mNewpass, 'wrongpassword' ) );~~
226		~~- $this->mainPrefsForm( 'error', wfMsg( 'wrongpassword' ) );~~
227		~~- return;~~
228		~~- }~~
229		-
230		~~- try {~~
231		~~- $wgUser->setPassword( $this->mNewpass );~~
232		~~- wfRunHooks( 'PrefsPasswordAudit', array( $wgUser, $this->mNewpass, 'success' ) );~~
233		~~- $this->mNewpass = $this->mOldpass = $this->mRetypePass = '';~~
234		~~- } catch( PasswordError $e ) {~~
235		~~- wfRunHooks( 'PrefsPasswordAudit', array( $wgUser, $this->mNewpass, 'error' ) );~~
236		~~- $this->mainPrefsForm( 'error', $e->getMessage() );~~
237		~~- return;~~
238		~~- }~~
239		~~- }~~
240	213	$wgUser->setRealName( $this->mRealName );
241	214	$oldOptions = $wgUser->mOptions;
242	215
—	—	@@ -373,7 +346,6 @@
374	347	function resetPrefs() {
375	348	global $wgUser, $wgLang, $wgContLang, $wgContLanguageCode, $wgAllowRealName;
376	349
377		~~- $this->mOldpass = $this->mNewpass = $this->mRetypePass = '';~~
378	350	$this->mUserEmail = $wgUser->getEmail();
379	351	$this->mUserEmailAuthenticationtimestamp = $wgUser->getEmailAuthenticationtimestamp();
380	352	$this->mRealName = ($wgAllowRealName) ? $wgUser->getRealName() : '';
—	—	@@ -755,28 +727,11 @@
756	728
757	729	# Password
758	730	if( $wgAuth->allowPasswordChange() ) {
	731	+ $link = $wgUser->getSkin()->link( SpecialPage::getTitleFor( 'ResetPass' ), wfMsgHtml( 'prefs-resetpass' ),
	732	+ array() , array('returnto' => SpecialPage::getTitleFor( 'Preferences') ) );
759	733	$wgOut->addHTML(
760	734	$this->tableRow( Xml::element( 'h2', null, wfMsg( 'changepassword' ) ) ) .
761		~~- $this->tableRow(~~
762		~~- Xml::label( wfMsg( 'oldpassword' ), 'wpOldpass' ),~~
763		~~- Xml::password( 'wpOldpass', 25, $this->mOldpass, array( 'id' => 'wpOldpass', 'autocomplete' => 'off' ) )~~
764		~~- ) .~~
765		~~- $this->tableRow(~~
766		~~- Xml::label( wfMsg( 'newpassword' ), 'wpNewpass' ),~~
767		~~- Xml::password( 'wpNewpass', 25, $this->mNewpass, array( 'id' => 'wpNewpass', 'autocomplete' => 'off' ) )~~
768		~~- ) .~~
769		~~- $this->tableRow(~~
770		~~- Xml::label( wfMsg( 'retypenew' ), 'wpRetypePass' ),~~
771		~~- Xml::password( 'wpRetypePass', 25, $this->mRetypePass, array( 'id' => 'wpRetypePass', 'autocomplete' => 'off' ) )~~
772		~~- )~~
773		~~- );~~
774		~~- if( $wgCookieExpiration > 0 ){~~
775		~~- $wgOut->addHTML(~~
776		~~- $this->tableRow( $this->getToggle( "rememberpassword" ) )~~
777		~~- );~~
778		~~- } else {~~
779		~~- $this->mUsedToggles['rememberpassword'] = true;~~
780		~~- }~~
	735	+ $this->tableRow( '<ul><li>' . $link . '</li></ul>' ) );
781	736	}
782	737
783	738	# <FIXME>
Index: trunk/phase3/includes/specials/SpecialUserlogin.php
—	—	@@ -582,7 +582,7 @@
583	583
584	584	function resetLoginForm( $error ) {
585	585	global $wgOut;
586		~~- $wgOut->addWikiText( "<div class=\"errorbox\">$error</div>" );~~
	586	+ $wgOut->addHTML( Xml::element('p', array( 'class' => 'error' ), $error ) );
587	587	$reset = new PasswordResetForm( $this->mName, $this->mPassword );
588	588	$reset->execute( null );
589	589	}
Index: trunk/phase3/includes/specials/SpecialResetpass.php
—	—	@@ -18,11 +18,11 @@
19	19	function __construct( $name=null, $reset=null ) {
20	20	if( $name !== null ) {
21	21	$this->mName = $name;
22		~~- $this->mTemporaryPassword = $reset;~~
	22	+ $this->mOldpass = $reset;
23	23	} else {
24	24	global $wgRequest;
25	25	$this->mName = $wgRequest->getVal( 'wpName' );
26		~~- $this->mTemporaryPassword = $wgRequest->getVal( 'wpPassword' );~~
	26	+ $this->mOldpass = $wgRequest->getVal( 'wpPassword' );
27	27	}
28	28	}
29	29
—	—	@@ -37,8 +37,8 @@
38	38	return;
39	39	}
40	40
41		~~- if( $this->mName === null && !$wgRequest->wasPosted() ) {~~
42		~~- $this->error( wfMsg( 'resetpass_missing' ) );~~
	41	+ if( !$wgRequest->wasPosted() && !$wgUser->isLoggedIn() ) {
	42	+ $this->error( wfMsg( 'resetpass-no-info' ) );
43	43	return;
44	44	}
45	45
—	—	@@ -48,20 +48,24 @@
49	49	try {
50	50	$this->attemptReset( $newpass, $retype );
51	51	$wgOut->addWikiMsg( 'resetpass_success' );
52		-
53		~~- $data = array(~~
54		~~- 'action' => 'submitlogin',~~
55		~~- 'wpName' => $this->mName,~~
56		~~- 'wpPassword' => $newpass,~~
57		~~- 'returnto' => $wgRequest->getVal( 'returnto' ),~~
58		~~- );~~
59		~~- if( $wgRequest->getCheck( 'wpRemember' ) ) {~~
60		~~- $data['wpRemember'] = 1;~~
	52	+ if( !$wgUser->isLoggedIn() ) {
	53	+ $data = array(
	54	+ 'action' => 'submitlogin',
	55	+ 'wpName' => $this->mName,
	56	+ 'wpPassword' => $newpass,
	57	+ 'returnto' => $wgRequest->getVal( 'returnto' ),
	58	+ );
	59	+ if( $wgRequest->getCheck( 'wpRemember' ) ) {
	60	+ $data['wpRemember'] = 1;
	61	+ }
	62	+ $login = new LoginForm( new FauxRequest( $data, true ) );
	63	+ $login->execute();
61	64	}
62		~~- $login = new LoginForm( new FauxRequest( $data, true ) );~~
63		~~- $login->execute();~~
64		-
65		~~- return;~~
	65	+ $titleObj = Title::newFromText( $wgRequest->getVal( 'returnto' ) );
	66	+ if ( !$titleObj instanceof Title ) {
	67	+ $titleObj = Title::newMainPage();
	68	+ }
	69	+ $wgOut->redirect( $titleObj->getFullURL() );
66	70	} catch( PasswordError $e ) {
67	71	$this->error( $e->getMessage() );
68	72	}
—	—	@@ -71,9 +75,7 @@
72	76
73	77	function error( $msg ) {
74	78	global $wgOut;
75		~~- $wgOut->addHTML( '<div class="errorbox">' .~~
76		~~- htmlspecialchars( $msg ) .~~
77		~~- '</div>' );~~
	79	+ $wgOut->addHTML( Xml::element('p', array( 'class' => 'error' ), $msg ) );
78	80	}
79	81
80	82	function showForm() {
—	—	@@ -82,44 +84,54 @@
83	85	$wgOut->disallowUserJs();
84	86
85	87	$self = SpecialPage::getTitleFor( 'Resetpass' );
86		~~- $form =~~
87		~~- '<div id="userloginForm">' .~~
88		~~- wfOpenElement( 'form',~~
	88	+ if ( !$this->mName ) {
	89	+ $this->mName = $wgUser->getName();
	90	+ }
	91	+ $rememberMe = '';
	92	+ if ( !$wgUser->isLoggedIn() ) {
	93	+ $rememberMe = '<tr>' .
	94	+ '<td></td>' .
	95	+ '<td>' .
	96	+ Xml::checkLabel( wfMsg( 'remembermypassword' ),
	97	+ 'wpRemember', 'wpRemember',
	98	+ $wgRequest->getCheck( 'wpRemember' ) ) .
	99	+ '</td>' .
	100	+ '</tr>';
	101	+ $submitMsg = 'resetpass_submit';
	102	+ $oldpassMsg = 'resetpass-temp-password';
	103	+ } else {
	104	+ $oldpassMsg = 'oldpassword';
	105	+ $submitMsg = 'resetpass-submit-loggedin';
	106	+ }
	107	+ $wgOut->addHTML(
	108	+ Xml::openElement( 'fieldset' ) .
	109	+ Xml::element( 'legend', null, wfMsg( 'resetpass_header' ) ) .
	110	+ Xml::openElement( 'form',
89	111	array(
90	112	'method' => 'post',
91		~~- 'action' => $self->getLocalUrl() ) ) .~~
92		~~- '<h2>' . wfMsgHtml( 'resetpass_header' ) . '</h2>' .~~
93		~~- '<div id="userloginprompt">' .~~
	113	+ 'action' => $self->getLocalUrl(),
	114	+ 'id' => 'mw-resetpass-form' ) ) .
	115	+ Xml::hidden( 'token', $wgUser->editToken() ) .
	116	+ Xml::hidden( 'wpName', $this->mName ) .
	117	+ Xml::hidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) .
94	118	wfMsgExt( 'resetpass_text', array( 'parse' ) ) .
95		~~- '</div>' .~~
96	119	'<table>' .
97		~~- wfHidden( 'token', $wgUser->editToken() ) .~~
98		~~- wfHidden( 'wpName', $this->mName ) .~~
99		~~- wfHidden( 'wpPassword', $this->mTemporaryPassword ) .~~
100		~~- wfHidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) .~~
101	120	$this->pretty( array(
102	121	array( 'wpName', 'username', 'text', $this->mName ),
	122	+ array( 'wpPassword', $oldpassMsg, 'password', $this->mOldpass ),
103	123	array( 'wpNewPassword', 'newpassword', 'password', '' ),
104	124	array( 'wpRetype', 'yourpasswordagain', 'password', '' ),
105	125	) ) .
	126	+ $rememberMe .
106	127	'<tr>' .
107	128	'<td></td>' .
108	129	'<td>' .
109		~~- Xml::checkLabel( wfMsg( 'remembermypassword' ),~~
110		~~- 'wpRemember', 'wpRemember',~~
111		~~- $wgRequest->getCheck( 'wpRemember' ) ) .~~
	130	+ wfSubmitButton( wfMsgHtml( $submitMsg ) ) .
112	131	'</td>' .
113	132	'</tr>' .
114		~~- '<tr>' .~~
115		~~- '<td></td>' .~~
116		~~- '<td>' .~~
117		~~- wfSubmitButton( wfMsgHtml( 'resetpass_submit' ) ) .~~
118		~~- '</td>' .~~
119		~~- '</tr>' .~~
120	133	'</table>' .
121		~~- wfCloseElement( 'form' ) .~~
122		~~- '</div>';~~
123		~~- $wgOut->addHTML( $form );~~
	134	+ Xml::closeElement( 'form' ) .
	135	+ Xml::closeElement( 'fieldset' ) );
124	136	}
125	137
126	138	function pretty( $fields ) {
—	—	@@ -127,16 +139,19 @@
128	140	foreach( $fields as $list ) {
129	141	list( $name, $label, $type, $value ) = $list;
130	142	if( $type == 'text' ) {
131		~~- $field = '<tt>' . htmlspecialchars( $value ) . '</tt>';~~
	143	+ $field = htmlspecialchars( $value );
132	144	} else {
133	145	$field = Xml::input( $name, 20, $value,
134	146	array( 'id' => $name, 'type' => $type ) );
135	147	}
136	148	$out .= '<tr>';
137		~~- $out .= '<td align="right">';~~
138		~~- $out .= Xml::label( wfMsg( $label ), $name );~~
	149	+ $out .= "<td class='mw-label'>";
	150	+ if ( $type != 'text' )
	151	+ $out .= Xml::label( wfMsg( $label ), $name );
	152	+ else
	153	+ $out .= wfMsg( $label );
139	154	$out .= '</td>';
140		~~- $out .= '<td>';~~
	155	+ $out .= "<td class='mw-input'>";
141	156	$out .= $field;
142	157	$out .= '</td>';
143	158	$out .= '</tr>';
—	—	@@ -153,8 +168,8 @@
154	169	throw new PasswordError( 'no such user' );
155	170	}
156	171
157		~~- if( !$user->checkTemporaryPassword( $this->mTemporaryPassword ) ) {~~
158		~~- throw new PasswordError( wfMsg( 'resetpass_bad_temporary' ) );~~
	172	+ if( !$user->checkTemporaryPassword( $this->mOldpass ) && !$user->checkPassword( $this->mOldpass ) ) {
	173	+ throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) );
159	174	}
160	175
161	176	if( $newpass !== $retype ) {
—	—	@@ -162,6 +177,7 @@
163	178	}
164	179
165	180	$user->setPassword( $newpass );
	181	+ $user->setCookies();
166	182	$user->saveSettings();
167	183	}
168	184	}
Index: trunk/phase3/includes/SpecialPage.php
—	—	@@ -89,7 +89,9 @@
90	90	'CreateAccount' => array( 'SpecialRedirectToSpecial', 'CreateAccount', 'Userlogin', 'signup', array( 'uselang' ) ),
91	91	'Preferences' => array( 'SpecialPage', 'Preferences' ),
92	92	'Watchlist' => array( 'SpecialPage', 'Watchlist' ),
	93	+ 'Resetpass' => array( 'SpecialPage', 'Resetpass' ),
93	94
	95	+
94	96	'Recentchanges' => 'SpecialRecentchanges',
95	97	'Upload' => array( 'SpecialPage', 'Upload' ),
96	98	'Imagelist' => array( 'SpecialPage', 'Imagelist' ),
—	—	@@ -135,7 +137,6 @@
136	138	'Recentchangeslinked' => 'SpecialRecentchangeslinked',
137	139	'Movepage' => array( 'UnlistedSpecialPage', 'Movepage' ),
138	140	'Blockme' => array( 'UnlistedSpecialPage', 'Blockme' ),
139		~~- 'Resetpass' => array( 'UnlistedSpecialPage', 'Resetpass' ),~~
140	141	'Booksources' => 'SpecialBookSources',
141	142	'Categories' => array( 'SpecialPage', 'Categories' ),
142	143	'Export' => array( 'SpecialPage', 'Export' ),
Index: trunk/phase3/languages/messages/MessagesEn.php
—	—	@@ -439,7 +439,7 @@
440	440	'Listbots' => array( 'ListBots' ),
441	441	'Popularpages' => array( 'PopularPages' ),
442	442	'Search' => array( 'Search' ),
443		~~- 'Resetpass' => array( 'ResetPass', 'ResetPassword' ),~~
	443	+ 'Resetpass' => array( 'ResetPass', 'ResetPassword', 'ChangePassword' ),
444	444	'Withoutinterwiki' => array( 'WithoutInterwiki' ),
445	445	'MergeHistory' => array( 'MergeHistory' ),
446	446	'Filepath' => array( 'FilePath' ),
—	—	@@ -1000,17 +1000,22 @@
1001	1001	* Nederlands\|nl', # do not translate or duplicate this message to other languages
1002	1002
1003	1003	# Password reset dialog
1004		~~-'resetpass' => 'Reset account password',~~
1005		~~-'resetpass_announce' => 'You logged in with a temporary e-mailed code.~~
	1004	+'resetpass' => 'Change or reset account password',
	1005	+'resetpass_announce' => 'You logged in with a temporary e-mailed code.
1006	1006	To finish logging in, you must set a new password here:',
1007		~~-'resetpass_text' => '<!-- Add text here -->', # only translate this message to other languages if you have to change it~~
1008		~~-'resetpass_header' => 'Reset password',~~
1009		~~-'resetpass_submit' => 'Set password and log in',~~
1010		~~-'resetpass_success' => 'Your password has been changed successfully! Now logging you in...',~~
1011		~~-'resetpass_bad_temporary' => 'Invalid temporary password.~~
	1007	+'resetpass_text' => '<!-- Add text here -->', # only translate this message to other languages if you have to change it
	1008	+'resetpass_header' => 'Reset password',
	1009	+'resetpass_submit' => 'Set password and log in',
	1010	+'resetpass_success' => 'Your password has been changed successfully! Now logging you in...',
	1011	+'resetpass_bad_temporary' => 'Invalid temporary password.
1012	1012	You may have already successfully changed your password or requested a new temporary password.',
1013		~~-'resetpass_forbidden' => 'Passwords cannot be changed',~~
1014		~~-'resetpass_missing' => 'No form data.',~~
	1013	+'resetpass_forbidden' => 'Passwords cannot be changed',
	1014	+'resetpass_missing' => 'No form data.',
	1015	+'resetpass-no-info' => 'You must be logged in to access this page directly.',
	1016	+'resetpass-submit-loggedin' => 'Change password',
	1017	+'resetpass-wrong-oldpass' => 'Invalid temporary or current password.
	1018	+You may have already successfully changed your password or requested a new temporary password.',
	1019	+'resetpass-temp-password' => 'Temporary password:',
1015	1020
1016	1021	# Edit page toolbar
1017	1022	'bold_sample' => 'Bold text',
—	—	@@ -1543,6 +1548,7 @@
1544	1549	'prefs-watchlist-edits' => 'Maximum number of changes to show in expanded watchlist:',
1545	1550	'prefs-watchlist-edits-max' => '(maximum number: 1000)',
1546	1551	'prefs-misc' => 'Misc',
	1552	+'prefs-resetpass' => 'Change password',
1547	1553	'saveprefs' => 'Save',
1548	1554	'resetprefs' => 'Clear unsaved changes',
1549	1555	'oldpassword' => 'Old password:',
Index: trunk/phase3/RELEASE-NOTES
—	—	@@ -212,6 +212,8 @@
213	213	* Add id="mw-user-domain-section" to <tr> tag in Userlogin.php template so that
214	214	admins with a single domain can hide the domain section using CSS
215	215	* Dropped old Paser_OldPP class. Only new parser with preprocessor is used.
	216	+* Moved password reset form from Special:Preferences to Special:ResetPass
	217	+* Added Special:ChangePassword as a special page alias for Special:ResetPass
216	218
217	219	=== Bug fixes in 1.14 ===
218	220

Follow-up revisions

Revision	Commit summary	Author	Date
r43971	Cleanup for r43841:...	aaron	03:37, 26 November 2008

Comments

#Comment by IAlex (talk | contribs) 17:24, 22 November 2008

Seems that the PrefsPasswordAudit hook disappeared.

#Comment by 😂 (talk | contribs) 01:54, 26 November 2008

Also, the construction seems a bit odd. Why bother extending SpecialPage if you're going to put a wfSpecialResetPass() around it? Wouldn't it make more sense just to make it a class and let SpecialPage call it. Would just have to add a call to the parent constructor within this constructor, and you could drop the entire wfSpecialResetPass() stuff.

#Comment by Aaron Schulz (talk | contribs) 03:37, 26 November 2008

Cleaned up in r43971

Status & tagging log

03:37, 26 November 2008 Aaron Schulz (talk | contribs) changed the status of r43841 [removed: ok added: resolved]
18:47, 25 November 2008 Aaron Schulz (talk | contribs) changed the status of r43841 [removed: new added: ok]