r43971 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r43970‎ \| r43971 \| r43972 >
Date:	03:37, 26 November 2008
Author:	aaron
Status:	ok
Tags:
Comment:	Cleanup for r43841: * Fix odd invocation to use the normal extend method for pages * Add passwordaudit hooks * Fix specialpage member variable collision
Modified paths:	/trunk/phase3/includes/AutoLoader.php (modified) (history) /trunk/phase3/includes/SpecialPage.php (modified) (history) /trunk/phase3/includes/specials/SpecialResetpass.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/AutoLoader.php
—	—	@@ -469,7 +469,7 @@
470	470	'SpecialContributions' => 'includes/specials/SpecialContributions.php',
471	471	'NewPagesPager' => 'includes/specials/SpecialNewpages.php',
472	472	'PageArchive' => 'includes/specials/SpecialUndelete.php',
473		~~- 'PasswordResetForm' => 'includes/specials/SpecialResetpass.php',~~
	473	+ 'PasswordReset' => 'includes/specials/SpecialResetpass.php',
474	474	'PopularPagesPage' => 'includes/specials/SpecialPopularpages.php',
475	475	'PreferencesForm' => 'includes/specials/SpecialPreferences.php',
476	476	'RandomPage' => 'includes/specials/SpecialRandompage.php',
Index: trunk/phase3/includes/specials/SpecialResetpass.php
—	—	@@ -4,26 +4,13 @@
5	5	* @ingroup SpecialPage
6	6	*/
7	7
8		~~-/** Constructor */~~
9		~~-function wfSpecialResetpass( $par ) {~~
10		~~- $form = new PasswordResetForm();~~
11		~~- $form->execute( $par );~~
12		-}
13		-
14	8	/**
15	9	* Let users recover their password.
16	10	* @ingroup SpecialPage
17	11	*/
18		~~-class PasswordResetForm extends SpecialPage {~~
19		~~- function __construct( $name=null, $reset=null ) {~~
20		~~- if( $name !== null ) {~~
21		~~- $this->mName = $name;~~
22		~~- $this->mOldpass = $reset;~~
23		~~- } else {~~
24		~~- global $wgRequest;~~
25		~~- $this->mName = $wgRequest->getVal( 'wpName' );~~
26		~~- $this->mOldpass = $wgRequest->getVal( 'wpPassword' );~~
27		~~- }~~
	12	+class PasswordReset extends SpecialPage {
	13	+ public function __construct() {
	14	+ parent::__construct( 'Resetpass' );
28	15	}
29	16
30	17	/**
—	—	@@ -32,6 +19,14 @@
33	20	function execute( $par ) {
34	21	global $wgUser, $wgAuth, $wgOut, $wgRequest;
35	22
	23	+ $this->mUserName = $wgRequest->getVal( 'wpName' );
	24	+ $this->mOldpass = $wgRequest->getVal( 'wpPassword' );
	25	+ $this->mNewpass = $wgRequest->getVal( 'wpNewPassword' );
	26	+ $this->mRetype = $wgRequest->getVal( 'wpRetype' );
	27	+
	28	+ $this->setHeaders();
	29	+ $this->outputHeader();
	30	+
36	31	if( !$wgAuth->allowPasswordChange() ) {
37	32	$this->error( wfMsg( 'resetpass_forbidden' ) );
38	33	return;
—	—	@@ -42,18 +37,16 @@
43	38	return;
44	39	}
45	40
46		~~- if( $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getVal( 'token' ) ) ) {~~
47		~~- $newpass = $wgRequest->getVal( 'wpNewPassword' );~~
48		~~- $retype = $wgRequest->getVal( 'wpRetype' );~~
	41	+ if( $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getVal('token') ) ) {
49	42	try {
50		~~- $this->attemptReset( $newpass, $retype );~~
	43	+ $this->attemptReset( $this->mNewpass, $this->mRetype );
51	44	$wgOut->addWikiMsg( 'resetpass_success' );
52	45	if( !$wgUser->isLoggedIn() ) {
53	46	$data = array(
54		~~- 'action' => 'submitlogin',~~
55		~~- 'wpName' => $this->mName,~~
56		~~- 'wpPassword' => $newpass,~~
57		~~- 'returnto' => $wgRequest->getVal( 'returnto' ),~~
	47	+ 'action' => 'submitlogin',
	48	+ 'wpName' => $this->mUserName,
	49	+ 'wpPassword' => $this->mNewpass,
	50	+ 'returnto' => $wgRequest->getVal( 'returnto' ),
58	51	);
59	52	if( $wgRequest->getCheck( 'wpRemember' ) ) {
60	53	$data['wpRemember'] = 1;
—	—	@@ -84,8 +77,8 @@
85	78	$wgOut->disallowUserJs();
86	79
87	80	$self = SpecialPage::getTitleFor( 'Resetpass' );
88		~~- if ( !$this->mName ) {~~
89		~~- $this->mName = $wgUser->getName();~~
	81	+ if ( !$this->mUserName ) {
	82	+ $this->mUserName = $wgUser->getName();
90	83	}
91	84	$rememberMe = '';
92	85	if ( !$wgUser->isLoggedIn() ) {
—	—	@@ -112,12 +105,12 @@
113	106	'action' => $self->getLocalUrl(),
114	107	'id' => 'mw-resetpass-form' ) ) .
115	108	Xml::hidden( 'token', $wgUser->editToken() ) .
116		~~- Xml::hidden( 'wpName', $this->mName ) .~~
	109	+ Xml::hidden( 'wpName', $this->mUserName ) .
117	110	Xml::hidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) .
118	111	wfMsgExt( 'resetpass_text', array( 'parse' ) ) .
119	112	'<table>' .
120	113	$this->pretty( array(
121		~~- array( 'wpName', 'username', 'text', $this->mName ),~~
	114	+ array( 'wpName', 'username', 'text', $this->mUserName ),
122	115	array( 'wpPassword', $oldpassMsg, 'password', $this->mOldpass ),
123	116	array( 'wpNewPassword', 'newpassword', 'password', '' ),
124	117	array( 'wpRetype', 'yourpasswordagain', 'password', '' ),
—	—	@@ -131,7 +124,8 @@
132	125	'</tr>' .
133	126	'</table>' .
134	127	Xml::closeElement( 'form' ) .
135		~~- Xml::closeElement( 'fieldset' ) );~~
	128	+ Xml::closeElement( 'fieldset' )
	129	+ );
136	130	}
137	131
138	132	function pretty( $fields ) {
—	—	@@ -162,21 +156,32 @@
163	157	/**
164	158	* @throws PasswordError when cannot set the new password because requirements not met.
165	159	*/
166		~~- function attemptReset( $newpass, $retype ) {~~
167		~~- $user = User::newFromName( $this->mName );~~
168		~~- if( $user->isAnon() ) {~~
	160	+ protected function attemptReset( $newpass, $retype ) {
	161	+ $user = User::newFromName( $this->mUserName );
	162	+ if( !$user \|\| $user->isAnon() ) {
169	163	throw new PasswordError( 'no such user' );
170	164	}
	165	+
	166	+ if( $newpass !== $retype ) {
	167	+ wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'badretype' ) );
	168	+ throw new PasswordError( wfMsg( 'badretype' ) );
	169	+ }
171	170
172		~~- if( !$user->checkTemporaryPassword( $this->mOldpass ) && !$user->checkPassword( $this->mOldpass ) ) {~~
	171	+ if( !$user->checkPassword( $this->mOldpass ) ) {
	172	+ wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) );
173	173	throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) );
174	174	}
175		-
176		~~- if( $newpass !== $retype ) {~~
177		~~- throw new PasswordError( wfMsg( 'badretype' ) );~~
	175	+
	176	+ try {
	177	+ $user->setPassword( $this->mNewpass );
	178	+ wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'success' ) );
	179	+ $this->mNewpass = $this->mOldpass = $this->mRetypePass = '';
	180	+ } catch( PasswordError $e ) {
	181	+ wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'error' ) );
	182	+ $this->mainPrefsForm( 'error', $e->getMessage() );
	183	+ return;
178	184	}
179		-
180		~~- $user->setPassword( $newpass );~~
	185	+
181	186	$user->setCookies();
182	187	$user->saveSettings();
183	188	}
Index: trunk/phase3/includes/SpecialPage.php
—	—	@@ -89,7 +89,7 @@
90	90	'CreateAccount' => array( 'SpecialRedirectToSpecial', 'CreateAccount', 'Userlogin', 'signup', array( 'uselang' ) ),
91	91	'Preferences' => array( 'SpecialPage', 'Preferences' ),
92	92	'Watchlist' => array( 'SpecialPage', 'Watchlist' ),
93		~~- 'Resetpass' => array( 'SpecialPage', 'Resetpass' ),~~
	93	+ 'Resetpass' => 'PasswordReset',
94	94
95	95
96	96	'Recentchanges' => 'SpecialRecentchanges',

Follow-up revisions

Revision	Commit summary	Author	Date
r44047	Renamed PasswordReset class to SpecialResetpass and fixed an entry in Special...	ialex	19:42, 29 November 2008

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r43841	Move password resetting out of Special:Preferences, adapt Special:ResetPass t...	mrzman	05:03, 22 November 2008

Status & tagging log

00:47, 4 December 2008 Brion VIBBER (talk | contribs) changed the status of r43971 [removed: new added: ok]