r47637 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r47636‎ \| r47637 \| r47638 >
Date:	22:27, 21 February 2009
Author:	demon
Status:	reverted (Comments)
Tags:
Comment:	Add logging to password resets per request on code review. Also a little javascript thing for disable/enable of relevant text boxes if you change the name to/from your own.
Modified paths:	/trunk/phase3/includes/DefaultSettings.php (modified) (history) /trunk/phase3/includes/specials/SpecialResetpass.php (modified) (history) /trunk/phase3/languages/messages/MessagesEn.php (modified) (history) /trunk/phase3/maintenance/language/messages.inc (modified) (history) /trunk/phase3/skins/common/changepassword.js (added) (history)

Diff [purge]

Index: trunk/phase3/maintenance/language/messages.inc
—	—	@@ -462,6 +462,10 @@
463	463	'resetpass-wrong-oldpass',
464	464	'resetpass-temp-password',
465	465	'resetpass-no-others',
	466	+ 'resetpass-log',
	467	+ 'resetpass-logtext',
	468	+ 'resetpass-logentry',
	469	+ 'resetpass-comment',
466	470	),
467	471	'toolbar' => array(
468	472	'bold_sample',
Index: trunk/phase3/skins/common/changepassword.js
—	—	@@ -0,0 +1,32 @@
	2	+
	3	+function onNameChange() {
	4	+ if ( wgUserName != document.getElementById('wpName').value ) {
	5	+ document.getElementById('wpPassword').disabled = true;
	6	+ document.getElementById('wpComment').disabled = false;
	7	+ } else {
	8	+ document.getElementById('wpPassword').disabled = false;
	9	+ document.getElementById('wpComment').disabled = true;
	10	+ }
	11	+}
	12	+
	13	+function onNameChangeHook() {
	14	+ document.getElementById( 'wpName' ).onblur = onNameChange;
	15	+}
	16	+
	17	+addOnloadHook( onNameChangeHook );
	18	+
	19	+function onNameChange() {
	20	+ if ( wgUserName != document.getElementById('wpName').value ) {
	21	+ document.getElementById('wpPassword').disabled = true;
	22	+ document.getElementById('wpComment').disabled = false;
	23	+ } else {
	24	+ document.getElementById('wpPassword').disabled = false;
	25	+ document.getElementById('wpComment').disabled = true;
	26	+ }
	27	+}
	28	+
	29	+function onNameChangeHook() {
	30	+ document.getElementById( 'wpName' ).onblur = onNameChange;
	31	+}
	32	+
	33	+addOnloadHook( onNameChangeHook );
Index: trunk/phase3/includes/DefaultSettings.php
—	—	@@ -1469,7 +1469,7 @@
1470	1470	* to ensure that client-side caches don't keep obsolete copies of global
1471	1471	* styles.
1472	1472	*/
1473		~~-$wgStyleVersion = '206';~~
	1473	+$wgStyleVersion = '207';
1474	1474
1475	1475
1476	1476	# Server-side caching:
—	—	@@ -2843,6 +2843,7 @@
2844	2844	'patrol',
2845	2845	'merge',
2846	2846	'suppress',
	2847	+ 'password',
2847	2848	);
2848	2849
2849	2850	/**
—	—	@@ -2897,6 +2898,7 @@
2898	2899	'patrol' => 'patrol-log-page',
2899	2900	'merge' => 'mergelog',
2900	2901	'suppress' => 'suppressionlog',
	2902	+ 'password' => 'resetpass-log'
2901	2903	);
2902	2904
2903	2905	/**
—	—	@@ -2917,6 +2919,7 @@
2918	2920	'patrol' => 'patrol-log-header',
2919	2921	'merge' => 'mergelogpagetext',
2920	2922	'suppress' => 'suppressionlogtext',
	2923	+ 'password' => 'resetpass-logtext',
2921	2924	);
2922	2925
2923	2926	/**
—	—	@@ -2952,6 +2955,7 @@
2953	2956	'suppress/delete' => 'suppressedarticle',
2954	2957	'suppress/block' => 'blocklogentry',
2955	2958	'suppress/reblock' => 'reblock-logentry',
	2959	+ 'password/reset' => 'resetpass-logentry'
2956	2960	);
2957	2961
2958	2962	/**
Index: trunk/phase3/includes/specials/SpecialResetpass.php
—	—	@@ -26,6 +26,7 @@
27	27	$this->mOldpass = $wgRequest->getVal( 'wpPassword' );
28	28	$this->mNewpass = $wgRequest->getVal( 'wpNewPassword' );
29	29	$this->mRetype = $wgRequest->getVal( 'wpRetype' );
	30	+ $this->mComment = $wgRequest->getVal( 'wpComment' );
30	31
31	32	$this->setHeaders();
32	33	$this->outputHeader();
—	—	@@ -94,6 +95,10 @@
95	96	global $wgOut, $wgUser, $wgRequest;
96	97
97	98	$wgOut->disallowUserJs();
	99	+
	100	+ if ( $wgUser->isAllowed( 'reset-passwords') ) {
	101	+ $wgOut->addScriptFile( 'changepassword.js' );
	102	+ }
98	103
99	104	$self = SpecialPage::getTitleFor( 'Resetpass' );
100	105
—	—	@@ -113,8 +118,7 @@
114	119	$oldpassMsg = 'oldpassword';
115	120	$submitMsg = 'resetpass-submit-loggedin';
116	121	}
117		~~- $wgOut->addHTML(~~
118		~~- Xml::fieldset( wfMsg( 'resetpass_header' ) ) .~~
	122	+ $s = Xml::fieldset( wfMsg( 'resetpass_header' ) ) .
119	123	Xml::openElement( 'form',
120	124	array(
121	125	'method' => 'post',
—	—	@@ -123,13 +127,15 @@
124	128	Xml::hidden( 'token', $wgUser->editToken() ) .
125	129	Xml::hidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) .
126	130	wfMsgExt( 'resetpass_text', array( 'parse' ) ) .
127		~~- Xml::openElement( 'table', array( 'id' => 'mw-resetpass-table' ) ) .~~
128		~~- $this->pretty( array(~~
	131	+ Xml::openElement( 'table', array( 'id' => 'mw-resetpass-table' ) );
	132	+ $formElements = array(
129	133	array( 'wpName', 'username', 'text', $this->mUserName, $wgUser->isAllowed( 'reset-passwords' ) ),
130	134	array( 'wpPassword', $oldpassMsg, 'password', $this->mOldpass, $this->mSelfChange ),
131	135	array( 'wpNewPassword', 'newpassword', 'password', '', true ),
132		~~- array( 'wpRetype', 'retypenew', 'password', '', true ),~~
133		~~- ) ) .~~
	136	+ array( 'wpRetype', 'retypenew', 'password', '', true ) );
	137	+ if ( $wgUser->isAllowed( 'reset-passwords' ) && $this->mSelfChange )
	138	+ $formElements[] = array( 'wpComment', 'resetpass-comment', 'text', $this->mComment, true );
	139	+ $s .= $this->pretty( $formElements ) .
134	140	$rememberMe .
135	141	'<tr>' .
136	142	'<td></td>' .
—	—	@@ -139,8 +145,8 @@
140	146	'</tr>' .
141	147	Xml::closeElement( 'table' ) .
142	148	Xml::closeElement( 'form' ) .
143		~~- Xml::closeElement( 'fieldset' )~~
144		~~- );~~
	149	+ Xml::closeElement( 'fieldset' );
	150	+ $wgOut->addHtml( $s );
145	151	}
146	152
147	153	function pretty( $fields ) {
—	—	@@ -183,7 +189,7 @@
184	190	throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) );
185	191	}
186	192	}
187		-
	193	+
188	194	try {
189	195	$user->setPassword( $this->mNewpass );
190	196	wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'success' ) );
—	—	@@ -194,6 +200,11 @@
195	201	return;
196	202	}
197	203
	204	+ if ( !$this->mSelfChange ) {
	205	+ $log = new LogPage( 'password' );
	206	+ $log->addEntry( 'reset', $user->getUserPage(), $this->mComment );
	207	+ }
	208	+
198	209	$user->setCookies();
199	210	$user->saveSettings();
200	211	}
Index: trunk/phase3/languages/messages/MessagesEn.php
—	—	@@ -1017,6 +1017,10 @@
1018	1018	You may have already successfully changed your password or requested a new temporary password.',
1019	1019	'resetpass-temp-password' => 'Temporary password:',
1020	1020	'resetpass-no-others' => 'You cannot reset the password for other users.',
	1021	+'resetpass-log' => 'Password resets',
	1022	+'resetpass-logtext' => 'Below is a log of users who have had their password reset by a bureaucrat',
	1023	+'resetpass-logentry' => 'changed the password for $1',
	1024	+'resetpass-comment' => 'Reason for password reset',
1021	1025
1022	1026	# Edit page toolbar
1023	1027	'bold_sample' => 'Bold text',

Follow-up revisions

Revision	Commit summary	Author	Date
r47641	Minor tweaks to messages for password reset feature introduced in r47637	siebrand	22:52, 21 February 2009
r78536	Rm unused javascript added in r47637 (follow up to r47569) and not reverted w...	happy-melon	16:04, 17 December 2010

Comments

#Comment by Siebrand (talk | contribs) 22:57, 21 February 2009

Some fixes made in r47641 and 47642

Status & tagging log

15:53, 17 December 2010 Happy-melon (talk | contribs) changed the status of r47637 [removed: resolved added: reverted]
22:57, 21 February 2009 Siebrand (talk | contribs) changed the status of r47637 [removed: new added: resolved]