| Index: trunk/phase3/includes/User.php |
| — | — | @@ -2705,7 +2705,13 @@ |
| 2706 | 2706 | * @return \bool True if matches, false otherwise |
| 2707 | 2707 | */ |
| 2708 | 2708 | function checkTemporaryPassword( $plaintext ) { |
| 2709 | | - return self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ); |
| | 2709 | + if( self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ) ) { |
| | 2710 | + $this->load(); |
| | 2711 | + $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry; |
| | 2712 | + return ( time() < $expiry ); |
| | 2713 | + } else { |
| | 2714 | + return false; |
| | 2715 | + } |
| 2710 | 2716 | } |
| 2711 | 2717 | |
| 2712 | 2718 | /** |
| Index: trunk/phase3/includes/DefaultSettings.php |
| — | — | @@ -521,6 +521,11 @@ |
| 522 | 522 | $wgPasswordReminderResendTime = 24; |
| 523 | 523 | |
| 524 | 524 | /** |
| | 525 | + * The time, in seconds, when an emailed temporary password expires. |
| | 526 | + */ |
| | 527 | +$wgNewPasswordExpiry = 3600 * 24 * 7; |
| | 528 | + |
| | 529 | +/** |
| 525 | 530 | * SMTP Mode |
| 526 | 531 | * For using a direct (authenticated) SMTP server connection. |
| 527 | 532 | * Default to false or fill an array : |
| Index: trunk/phase3/includes/specials/SpecialUserlogin.php |
| — | — | @@ -654,7 +654,7 @@ |
| 655 | 655 | * @private |
| 656 | 656 | */ |
| 657 | 657 | function mailPasswordInternal( $u, $throttle = true, $emailTitle = 'passwordremindertitle', $emailText = 'passwordremindertext' ) { |
| 658 | | - global $wgServer, $wgScript, $wgUser; |
| | 658 | + global $wgServer, $wgScript, $wgUser, $wgNewPasswordExpiry; |
| 659 | 659 | |
| 660 | 660 | if ( '' == $u->getEmail() ) { |
| 661 | 661 | return new WikiError( wfMsg( 'noemail', $u->getName() ) ); |
| — | — | @@ -670,7 +670,7 @@ |
| 671 | 671 | $u->setNewpassword( $np, $throttle ); |
| 672 | 672 | $u->saveSettings(); |
| 673 | 673 | |
| 674 | | - $m = wfMsg( $emailText, $ip, $u->getName(), $np, $wgServer . $wgScript ); |
| | 674 | + $m = wfMsg( $emailText, $ip, $u->getName(), $np, $wgServer . $wgScript, round( $wgNewPasswordExpiry / 86400 ) ); |
| 675 | 675 | $result = $u->sendMail( wfMsg( $emailTitle ), $m ); |
| 676 | 676 | |
| 677 | 677 | return $result; |
| Index: trunk/phase3/languages/messages/MessagesEn.php |
| — | — | @@ -937,6 +937,7 @@ |
| 938 | 938 | password for {{SITENAME}} ($4). A temporary password for user |
| 939 | 939 | "$2" has been created and was set to "$3". If this was your |
| 940 | 940 | intent, you will need to log in and choose a new password now. |
| | 941 | +Your temporary password will expire in {{PLURAL:$5|one day|$5 days}}. |
| 941 | 942 | |
| 942 | 943 | If someone else made this request, or if you have remembered your password, |
| 943 | 944 | and you no longer wish to change it, you may ignore this message and |
| Index: trunk/phase3/RELEASE-NOTES |
| — | — | @@ -71,8 +71,9 @@ |
| 72 | 72 | * The 'BeforeWatchlist' hook has been removed due to internal changes in |
| 73 | 73 | Special:Watchlist. 'SpecialWatchlistQuery' should now be used by extensions |
| 74 | 74 | to customize the watchlist database query. |
| | 75 | +* Added $wgNewPasswordExpiry, to specify an expiry time (in seconds) to |
| | 76 | + tempoary passwords |
| 75 | 77 | |
| 76 | | - |
| 77 | 78 | === Migrated extensions === |
| 78 | 79 | The following extensions are migrated into MediaWiki 1.14: |
| 79 | 80 | |
| — | — | @@ -258,6 +259,7 @@ |
| 259 | 260 | * Image moving is now enabled for sysops by default |
| 260 | 261 | * Make "Did you mean" search feature more noticeable |
| 261 | 262 | * Added "Advanced search" link to the search form |
| | 263 | +* (bug 2242) Add an expiry time to temporary passwords |
| 262 | 264 | |
| 263 | 265 | === Bug fixes in 1.14 === |
| 264 | 266 | |