| Index: trunk/phase3/includes/User.php |
| — | — | @@ -5,6 +5,12 @@ |
| 6 | 6 | */ |
| 7 | 7 | |
| 8 | 8 | /** |
| | 9 | + * Int Number of characters in user_token field. |
| | 10 | + * @ingroup Constants |
| | 11 | + */ |
| | 12 | +define( 'USER_TOKEN_LENGTH', 32 ); |
| | 13 | + |
| | 14 | +/** |
| 9 | 15 | * Int Serialized record version. |
| 10 | 16 | * @ingroup Constants |
| 11 | 17 | */ |
| — | — | @@ -35,6 +41,13 @@ |
| 36 | 42 | * of the database. |
| 37 | 43 | */ |
| 38 | 44 | class User { |
| | 45 | + /** |
| | 46 | + * Global constants made accessible as class constants so that autoloader |
| | 47 | + * magic can be used. |
| | 48 | + */ |
| | 49 | + const USER_TOKEN_LENGTH = USER_TOKEN_LENGTH; |
| | 50 | + const MW_USER_VERSION = MW_USER_VERSION; |
| | 51 | + const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX; |
| 39 | 52 | |
| 40 | 53 | /** |
| 41 | 54 | * Array of Strings List of member variables which are saved to the |
| — | — | @@ -364,7 +377,7 @@ |
| 365 | 378 | /** |
| 366 | 379 | * Create a new user object from a user row. |
| 367 | 380 | * The row should have all fields from the user table in it. |
| 368 | | - * @param $row array A row from the user table |
| | 381 | + * @param $row Array A row from the user table |
| 369 | 382 | * @return User |
| 370 | 383 | */ |
| 371 | 384 | static function newFromRow( $row ) { |
| — | — | @@ -614,7 +627,6 @@ |
| 615 | 628 | if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) ) |
| 616 | 629 | return $result; |
| 617 | 630 | |
| 618 | | - |
| 619 | 631 | if ( $result === false ) { |
| 620 | 632 | if( strlen( $password ) < $wgMinimalPasswordLength ) { |
| 621 | 633 | return 'passwordtooshort'; |
| — | — | @@ -1238,9 +1250,6 @@ |
| 1239 | 1251 | // Deprecated, but kept for backwards-compatibility config |
| 1240 | 1252 | return false; |
| 1241 | 1253 | } |
| 1242 | | - |
| 1243 | | - |
| 1244 | | - |
| 1245 | 1254 | if( in_array( wfGetIP(), $wgRateLimitsExcludedIPs ) ) { |
| 1246 | 1255 | // No other good way currently to disable rate limits |
| 1247 | 1256 | // for specific IPs. :P |
| — | — | @@ -1777,7 +1786,7 @@ |
| 1778 | 1787 | } |
| 1779 | 1788 | |
| 1780 | 1789 | if( !$this->isValidPassword( $str ) ) { |
| 1781 | | - global $wgMinimalPasswordLength; |
| | 1790 | + global $wgMinimalPasswordLength; |
| 1782 | 1791 | $valid = $this->getPasswordValidity( $str ); |
| 1783 | 1792 | if ( is_array( $valid ) ) { |
| 1784 | 1793 | $message = array_shift( $valid ); |
| — | — | @@ -1787,7 +1796,7 @@ |
| 1788 | 1797 | $params = array( $wgMinimalPasswordLength ); |
| 1789 | 1798 | } |
| 1790 | 1799 | throw new PasswordError( wfMsgExt( $message, array( 'parsemag' ), $params ) ); |
| 1791 | | - } |
| | 1800 | + } |
| 1792 | 1801 | } |
| 1793 | 1802 | |
| 1794 | 1803 | if( !$wgAuth->setPassword( $this, $str ) ) { |
| — | — | @@ -2197,7 +2206,6 @@ |
| 2198 | 2207 | } |
| 2199 | 2208 | |
| 2200 | 2209 | /** |
| 2201 | | - |
| 2202 | 2210 | * Check if user is allowed to access a feature / make an action |
| 2203 | 2211 | * @param $action String action to be checked |
| 2204 | 2212 | * @return Boolean: True if action is allowed, else false |
| — | — | @@ -2521,8 +2529,8 @@ |
| 2522 | 2530 | 'user_newpassword' => $this->mNewpassword, |
| 2523 | 2531 | 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ), |
| 2524 | 2532 | 'user_real_name' => $this->mRealName, |
| 2525 | | - 'user_email' => $this->mEmail, |
| 2526 | | - 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ), |
| | 2533 | + 'user_email' => $this->mEmail, |
| | 2534 | + 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ), |
| 2527 | 2535 | 'user_options' => '', |
| 2528 | 2536 | 'user_touched' => $dbw->timestamp( $this->mTouched ), |
| 2529 | 2537 | 'user_token' => $this->mToken, |
| — | — | @@ -2581,6 +2589,7 @@ |
| 2582 | 2590 | } |
| 2583 | 2591 | $dbw = wfGetDB( DB_MASTER ); |
| 2584 | 2592 | $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' ); |
| | 2593 | + |
| 2585 | 2594 | $fields = array( |
| 2586 | 2595 | 'user_id' => $seqVal, |
| 2587 | 2596 | 'user_name' => $name, |
| — | — | @@ -2792,7 +2801,7 @@ |
| 2793 | 2802 | // are shorter than this, doesn't mean people wont be able |
| 2794 | 2803 | // to. Certain authentication plugins do NOT want to save |
| 2795 | 2804 | // domain passwords in a mysql database, so we should |
| 2796 | | - // check this (incase $wgAuth->strict() is false). |
| | 2805 | + // check this (in case $wgAuth->strict() is false). |
| 2797 | 2806 | if( !$this->isValidPassword( $password ) ) { |
| 2798 | 2807 | return false; |
| 2799 | 2808 | } |
| — | — | @@ -2851,7 +2860,7 @@ |
| 2852 | 2861 | return EDIT_TOKEN_SUFFIX; |
| 2853 | 2862 | } else { |
| 2854 | 2863 | if( !isset( $_SESSION['wsEditToken'] ) ) { |
| 2855 | | - $token = $this->generateToken(); |
| | 2864 | + $token = self::generateToken(); |
| 2856 | 2865 | $_SESSION['wsEditToken'] = $token; |
| 2857 | 2866 | } else { |
| 2858 | 2867 | $token = $_SESSION['wsEditToken']; |
| — | — | @@ -2869,7 +2878,7 @@ |
| 2870 | 2879 | * @param $salt String Optional salt value |
| 2871 | 2880 | * @return String The new random token |
| 2872 | 2881 | */ |
| 2873 | | - function generateToken( $salt = '' ) { |
| | 2882 | + public static function generateToken( $salt = '' ) { |
| 2874 | 2883 | $token = dechex( mt_rand() ) . dechex( mt_rand() ); |
| 2875 | 2884 | return md5( $token . $salt ); |
| 2876 | 2885 | } |
| — | — | @@ -2977,7 +2986,7 @@ |
| 2978 | 2987 | $now = time(); |
| 2979 | 2988 | $expires = $now + $wgUserEmailConfirmationTokenExpiry; |
| 2980 | 2989 | $expiration = wfTimestamp( TS_MW, $expires ); |
| 2981 | | - $token = wfGenerateToken( $this->mId . $this->mEmail . $expires ); |
| | 2990 | + $token = self::generateToken( $this->mId . $this->mEmail . $expires ); |
| 2982 | 2991 | $hash = md5( $token ); |
| 2983 | 2992 | $this->load(); |
| 2984 | 2993 | $this->mEmailToken = $hash; |
| — | — | @@ -3131,7 +3140,7 @@ |
| 3132 | 3141 | * Get the timestamp of account creation. |
| 3133 | 3142 | * |
| 3134 | 3143 | * @return String|Bool Timestamp of account creation, or false for |
| 3135 | | - * non-existent/anonymous user accounts. |
| | 3144 | + * non-existent/anonymous user accounts. |
| 3136 | 3145 | */ |
| 3137 | 3146 | public function getRegistration() { |
| 3138 | 3147 | return $this->getId() > 0 |
| — | — | @@ -3143,7 +3152,7 @@ |
| 3144 | 3153 | * Get the timestamp of the first edit |
| 3145 | 3154 | * |
| 3146 | 3155 | * @return String|Bool Timestamp of first edit, or false for |
| 3147 | | - * non-existent/anonymous user accounts. |
| | 3156 | + * non-existent/anonymous user accounts. |
| 3148 | 3157 | */ |
| 3149 | 3158 | public function getFirstEditTimestamp() { |
| 3150 | 3159 | if( $this->getId() == 0 ) { |
| — | — | @@ -3333,9 +3342,9 @@ |
| 3334 | 3343 | * |
| 3335 | 3344 | * @param $group String: the group to check for whether it can add/remove |
| 3336 | 3345 | * @return Array array( 'add' => array( addablegroups ), |
| 3337 | | - * 'remove' => array( removablegroups ), |
| 3338 | | - * 'add-self' => array( addablegroups to self), |
| 3339 | | - * 'remove-self' => array( removable groups from self) ) |
| | 3346 | + * 'remove' => array( removablegroups ), |
| | 3347 | + * 'add-self' => array( addablegroups to self), |
| | 3348 | + * 'remove-self' => array( removable groups from self) ) |
| 3340 | 3349 | */ |
| 3341 | 3350 | static function changeableByGroup( $group ) { |
| 3342 | 3351 | global $wgAddGroups, $wgRemoveGroups, $wgGroupsAddToSelf, $wgGroupsRemoveFromSelf; |
| — | — | @@ -3573,27 +3582,31 @@ |
| 3574 | 3583 | * @param $byEmail Boolean: account made by email? |
| 3575 | 3584 | * @param $reason String: user supplied reason |
| 3576 | 3585 | */ |
| 3577 | | - public function addNewUserLogEntry( $creator, $byEmail = false ) { |
| 3578 | | - global $wgUser, $wgNewUserLog; |
| | 3586 | + public function addNewUserLogEntry( $byEmail = false, $reason = '' ) { |
| | 3587 | + global $wgUser, $wgContLang, $wgNewUserLog; |
| 3579 | 3588 | if( empty( $wgNewUserLog ) ) { |
| 3580 | 3589 | return true; // disabled |
| 3581 | 3590 | } |
| 3582 | 3591 | |
| 3583 | | - $action = ( $creator == $wgUser ) |
| 3584 | | - ? 'create2' # Safe to publish the creator |
| 3585 | | - : 'create'; # Creator is an IP, don't splash it all over Special:Log |
| 3586 | | - |
| 3587 | | - $message = $byEmail |
| 3588 | | - ? wfMsgForContent( 'newuserlog-byemail' ) |
| 3589 | | - : ''; |
| 3590 | | - |
| | 3592 | + if( $this->getName() == $wgUser->getName() ) { |
| | 3593 | + $action = 'create'; |
| | 3594 | + } else { |
| | 3595 | + $action = 'create2'; |
| | 3596 | + if ( $byEmail ) { |
| | 3597 | + if ( $reason === '' ) { |
| | 3598 | + $reason = wfMsgForContent( 'newuserlog-byemail' ); |
| | 3599 | + } else { |
| | 3600 | + $reason = $wgContLang->commaList( array( |
| | 3601 | + $reason, wfMsgForContent( 'newuserlog-byemail' ) ) ); |
| | 3602 | + } |
| | 3603 | + } |
| | 3604 | + } |
| 3591 | 3605 | $log = new LogPage( 'newusers' ); |
| 3592 | 3606 | $log->addEntry( |
| 3593 | 3607 | $action, |
| 3594 | 3608 | $this->getUserPage(), |
| 3595 | | - $message, |
| 3596 | | - array( $this->getId() ), |
| 3597 | | - $creator |
| | 3609 | + $reason, |
| | 3610 | + array( $this->getId() ) |
| 3598 | 3611 | ); |
| 3599 | 3612 | return true; |
| 3600 | 3613 | } |
| — | — | @@ -3603,18 +3616,12 @@ |
| 3604 | 3617 | * Used by things like CentralAuth and perhaps other authplugins. |
| 3605 | 3618 | */ |
| 3606 | 3619 | public function addNewUserLogEntryAutoCreate() { |
| 3607 | | - global $wgNewUserLog; |
| 3608 | | - if( empty( $wgNewUserLog ) ) { |
| | 3620 | + global $wgNewUserLog, $wgLogAutocreatedAccounts; |
| | 3621 | + if( !$wgNewUserLog || !$wgLogAutocreatedAccounts ) { |
| 3609 | 3622 | return true; // disabled |
| 3610 | 3623 | } |
| 3611 | 3624 | $log = new LogPage( 'newusers', false ); |
| 3612 | | - $log->addEntry( |
| 3613 | | - 'autocreate', |
| 3614 | | - $this->getUserPage(), |
| 3615 | | - '', |
| 3616 | | - array( $this->getId() ), |
| 3617 | | - $this->getId() |
| 3618 | | - ); |
| | 3625 | + $log->addEntry( 'autocreate', $this->getUserPage(), '', array( $this->getId() ) ); |
| 3619 | 3626 | return true; |
| 3620 | 3627 | } |
| 3621 | 3628 | |
| Index: trunk/phase3/includes/HTMLForm.php |
| — | — | @@ -109,7 +109,6 @@ |
| 110 | 110 | protected $mButtons = array(); |
| 111 | 111 | |
| 112 | 112 | protected $mWrapperLegend = false; |
| 113 | | - protected $mTokenAction = 'Edit'; |
| 114 | 113 | |
| 115 | 114 | /** |
| 116 | 115 | * Build a new HTMLForm from an array of field attributes |
| — | — | @@ -185,7 +184,7 @@ |
| 186 | 185 | if ( !$class ) { |
| 187 | 186 | throw new MWException( "Descriptor with no class: " . print_r( $descriptor, true ) ); |
| 188 | 187 | } |
| 189 | | - |
| | 188 | + |
| 190 | 189 | $descriptor['fieldname'] = $fieldname; |
| 191 | 190 | |
| 192 | 191 | $obj = new $class( $descriptor ); |
| — | — | @@ -211,15 +210,14 @@ |
| 212 | 211 | |
| 213 | 212 | /** |
| 214 | 213 | * Try submitting, with edit token check first |
| 215 | | - * @return Status|boolean |
| | 214 | + * @return Status|boolean |
| 216 | 215 | */ |
| 217 | 216 | function tryAuthorizedSubmit() { |
| 218 | 217 | global $wgUser, $wgRequest; |
| 219 | 218 | $editToken = $wgRequest->getVal( 'wpEditToken' ); |
| 220 | 219 | |
| 221 | 220 | $result = false; |
| 222 | | - # FIXME |
| 223 | | - if ( $wgRequest->wasPosted() ){#&& $this->getMethod() != 'post' || $wgUser->matchEditToken( $editToken ) ) { |
| | 221 | + if ( $this->getMethod() != 'post' || $wgUser->matchEditToken( $editToken ) ) { |
| 224 | 222 | $result = $this->trySubmit(); |
| 225 | 223 | } |
| 226 | 224 | return $result; |
| — | — | @@ -251,11 +249,6 @@ |
| 252 | 250 | * display. |
| 253 | 251 | */ |
| 254 | 252 | function trySubmit() { |
| 255 | | - # Check the session tokens |
| 256 | | - # FIXME |
| 257 | | - if ( false && !Token::match( null, $this->mTokenAction ) ) { |
| 258 | | - return array( 'sessionfailure' ); |
| 259 | | - } |
| 260 | 253 | # Check for validation |
| 261 | 254 | foreach ( $this->mFlatFields as $fieldname => $field ) { |
| 262 | 255 | if ( !empty( $field->mParams['nodata'] ) ) { |
| — | — | @@ -431,14 +424,9 @@ |
| 432 | 425 | global $wgUser; |
| 433 | 426 | |
| 434 | 427 | $html = ''; |
| | 428 | + |
| 435 | 429 | if( $this->getMethod() == 'post' ){ |
| 436 | | - # FIXME |
| 437 | | - $token = new Token( $this->mTokenAction ); |
| 438 | | - $html .= Html::hidden( |
| 439 | | - "wp{$this->mTokenAction}Token", |
| 440 | | - $token->set(), |
| 441 | | - array( 'id' => 'wpEditToken' ) |
| 442 | | - ) . "\n"; |
| | 430 | + $html .= Html::hidden( 'wpEditToken', $wgUser->editToken(), array( 'id' => 'wpEditToken' ) ) . "\n"; |
| 443 | 431 | $html .= Html::hidden( 'title', $this->getTitle()->getPrefixedText() ) . "\n"; |
| 444 | 432 | } |
| 445 | 433 | |
| — | — | @@ -591,7 +579,6 @@ |
| 592 | 580 | $this->mSubmitTooltip = $name; |
| 593 | 581 | } |
| 594 | 582 | |
| 595 | | - |
| 596 | 583 | /** |
| 597 | 584 | * Set the id for the submit button. |
| 598 | 585 | * @param $t String. FIXME: Integrity is *not* validated |
| — | — | @@ -620,15 +607,6 @@ |
| 621 | 608 | function setMessagePrefix( $p ) { |
| 622 | 609 | $this->mMessagePrefix = $p; |
| 623 | 610 | } |
| 624 | | - /** |
| 625 | | - * If you want to protect the form from CSRF by a token other than |
| 626 | | - * the usual wsEditToken, set something here. |
| 627 | | - * @see Token::set() |
| 628 | | - * @param $a |
| 629 | | - */ |
| 630 | | - function setTokenAction( $a ){ |
| 631 | | - $this->mTokenAction = ucfirst( $a ); |
| 632 | | - } |
| 633 | 611 | |
| 634 | 612 | /** |
| 635 | 613 | * Set the title for form submission |
| — | — | @@ -645,7 +623,7 @@ |
| 646 | 624 | function getTitle() { |
| 647 | 625 | return $this->mTitle; |
| 648 | 626 | } |
| 649 | | - |
| | 627 | + |
| 650 | 628 | /** |
| 651 | 629 | * Set the method used to submit the form |
| 652 | 630 | * @param $method String |
| — | — | @@ -653,7 +631,7 @@ |
| 654 | 632 | public function setMethod( $method='post' ){ |
| 655 | 633 | $this->mMethod = $method; |
| 656 | 634 | } |
| 657 | | - |
| | 635 | + |
| 658 | 636 | public function getMethod(){ |
| 659 | 637 | return $this->mMethod; |
| 660 | 638 | } |
| — | — | @@ -862,12 +840,12 @@ |
| 863 | 841 | if ( isset( $params['name'] ) ) { |
| 864 | 842 | $this->mName = $params['name']; |
| 865 | 843 | } |
| 866 | | - |
| | 844 | + |
| 867 | 845 | $validName = Sanitizer::escapeId( $this->mName ); |
| 868 | 846 | if ( $this->mName != $validName && !isset( $params['nodata'] ) ) { |
| 869 | 847 | throw new MWException( "Invalid name '{$this->mName}' passed to " . __METHOD__ ); |
| 870 | 848 | } |
| 871 | | - |
| | 849 | + |
| 872 | 850 | $this->mID = "mw-input-{$this->mName}"; |
| 873 | 851 | |
| 874 | 852 | if ( isset( $params['default'] ) ) { |
| — | — | @@ -909,10 +887,10 @@ |
| 910 | 888 | global $wgRequest; |
| 911 | 889 | |
| 912 | 890 | $errors = $this->validate( $value, $this->mParent->mFieldData ); |
| 913 | | - |
| | 891 | + |
| 914 | 892 | $cellAttributes = array(); |
| 915 | 893 | $verticalLabel = false; |
| 916 | | - |
| | 894 | + |
| 917 | 895 | if ( !empty($this->mParams['vertical-label']) ) { |
| 918 | 896 | $cellAttributes['colspan'] = 2; |
| 919 | 897 | $verticalLabel = true; |
| — | — | @@ -930,9 +908,9 @@ |
| 931 | 909 | array( 'class' => 'mw-input' ) + $cellAttributes, |
| 932 | 910 | $this->getInputHTML( $value ) . "\n$errors" |
| 933 | 911 | ); |
| 934 | | - |
| | 912 | + |
| 935 | 913 | $fieldType = get_class( $this ); |
| 936 | | - |
| | 914 | + |
| 937 | 915 | if ($verticalLabel) { |
| 938 | 916 | $html = Html::rawElement( 'tr', |
| 939 | 917 | array( 'class' => 'mw-htmlform-vertical-label' ), $label ); |
| — | — | @@ -1161,11 +1139,11 @@ |
| 1162 | 1140 | if ( $p !== true ) { |
| 1163 | 1141 | return $p; |
| 1164 | 1142 | } |
| 1165 | | - |
| | 1143 | + |
| 1166 | 1144 | $value = trim( $value ); |
| 1167 | 1145 | |
| 1168 | 1146 | # http://dev.w3.org/html5/spec/common-microsyntaxes.html#real-numbers |
| 1169 | | - # with the addition that a leading '+' sign is ok. |
| | 1147 | + # with the addition that a leading '+' sign is ok. |
| 1170 | 1148 | if ( !preg_match( '/^((\+|\-)?\d+(\.\d+)?(E(\+|\-)?\d+)?)?$/i', $value ) ) { |
| 1171 | 1149 | return wfMsgExt( 'htmlform-float-invalid', 'parse' ); |
| 1172 | 1150 | } |
| — | — | @@ -1204,8 +1182,8 @@ |
| 1205 | 1183 | } |
| 1206 | 1184 | |
| 1207 | 1185 | # http://dev.w3.org/html5/spec/common-microsyntaxes.html#signed-integers |
| 1208 | | - # with the addition that a leading '+' sign is ok. Note that leading zeros |
| 1209 | | - # are fine, and will be left in the input, which is useful for things like |
| | 1186 | + # with the addition that a leading '+' sign is ok. Note that leading zeros |
| | 1187 | + # are fine, and will be left in the input, which is useful for things like |
| 1210 | 1188 | # phone numbers when you know that they are integers (the HTML5 type=tel |
| 1211 | 1189 | # input does not require its value to be numeric). If you want a tidier |
| 1212 | 1190 | # value to, eg, save in the DB, clean it up with intval(). |
| — | — | @@ -1437,8 +1415,8 @@ |
| 1438 | 1416 | } else { |
| 1439 | 1417 | $thisAttribs = array( 'id' => "{$this->mID}-$info", 'value' => $info ); |
| 1440 | 1418 | |
| 1441 | | - $checkbox = Xml::check( |
| 1442 | | - $this->mName . '[]', |
| | 1419 | + $checkbox = Xml::check( |
| | 1420 | + $this->mName . '[]', |
| 1443 | 1421 | in_array( $info, $value, true ), |
| 1444 | 1422 | $attribs + $thisAttribs ); |
| 1445 | 1423 | $checkbox .= ' ' . Html::rawElement( 'label', array( 'for' => "{$this->mID}-$info" ), $label ); |
| — | — | @@ -1578,7 +1556,7 @@ |
| 1579 | 1557 | class HTMLHiddenField extends HTMLFormField { |
| 1580 | 1558 | public function __construct( $params ) { |
| 1581 | 1559 | parent::__construct( $params ); |
| 1582 | | - |
| | 1560 | + |
| 1583 | 1561 | # Per HTML5 spec, hidden fields cannot be 'required' |
| 1584 | 1562 | # http://dev.w3.org/html5/spec/states-of-the-type-attribute.html#hidden-state |
| 1585 | 1563 | unset( $this->mParams['required'] ); |
| — | — | @@ -1627,7 +1605,7 @@ |
| 1628 | 1606 | protected function needsLabel() { |
| 1629 | 1607 | return false; |
| 1630 | 1608 | } |
| 1631 | | - |
| | 1609 | + |
| 1632 | 1610 | /** |
| 1633 | 1611 | * Button cannot be invalid |
| 1634 | 1612 | */ |
| Index: trunk/phase3/includes/OutputPage.php |
| — | — | @@ -2555,29 +2555,28 @@ |
| 2556 | 2556 | // Legacy Scripts |
| 2557 | 2557 | $scripts .= "\n" . $this->mScripts; |
| 2558 | 2558 | |
| 2559 | | - $userScripts = array( 'user.options' ); |
| 2560 | | - |
| 2561 | 2559 | // Add site JS if enabled |
| 2562 | 2560 | if ( $wgUseSiteJs ) { |
| 2563 | 2561 | $scripts .= $this->makeResourceLoaderLink( $sk, 'site', ResourceLoaderModule::TYPE_SCRIPTS ); |
| 2564 | | - if( $wgUser->isLoggedIn() ){ |
| 2565 | | - $userScripts[] = 'user.groups'; |
| 2566 | | - } |
| 2567 | 2562 | } |
| 2568 | 2563 | |
| 2569 | | - // Add user JS if enabled |
| | 2564 | + // Add user JS if enabled - trying to load user.options as a bundle if possible |
| | 2565 | + $userOptionsAdded = false; |
| 2570 | 2566 | if ( $wgAllowUserJs && $wgUser->isLoggedIn() ) { |
| 2571 | 2567 | $action = $wgRequest->getVal( 'action', 'view' ); |
| 2572 | 2568 | if( $this->mTitle && $this->mTitle->isJsSubpage() && $sk->userCanPreview( $action ) ) { |
| 2573 | 2569 | # XXX: additional security check/prompt? |
| 2574 | 2570 | $scripts .= Html::inlineScript( "\n" . $wgRequest->getText( 'wpTextbox1' ) . "\n" ) . "\n"; |
| 2575 | 2571 | } else { |
| 2576 | | - # FIXME: this means that User:Me/Common.js doesn't load when previewing |
| 2577 | | - # User:Me/Vector.js, and vice versa (bug26283) |
| 2578 | | - $userScripts[] = 'user'; |
| | 2572 | + $scripts .= $this->makeResourceLoaderLink( |
| | 2573 | + $sk, array( 'user', 'user.options' ), ResourceLoaderModule::TYPE_SCRIPTS |
| | 2574 | + ); |
| | 2575 | + $userOptionsAdded = true; |
| 2579 | 2576 | } |
| 2580 | 2577 | } |
| 2581 | | - $scripts .= $this->makeResourceLoaderLink( $sk, $userScripts, ResourceLoaderModule::TYPE_SCRIPTS ); |
| | 2578 | + if ( !$userOptionsAdded ) { |
| | 2579 | + $scripts .= $this->makeResourceLoaderLink( $sk, 'user.options', ResourceLoaderModule::TYPE_SCRIPTS ); |
| | 2580 | + } |
| 2582 | 2581 | |
| 2583 | 2582 | return $scripts; |
| 2584 | 2583 | } |
| Index: trunk/phase3/includes/resourceloader/ResourceLoaderUserGroupsModule.php |
| — | — | @@ -1,61 +0,0 @@ |
| 2 | | -<?php |
| 3 | | -/** |
| 4 | | - * This program is free software; you can redistribute it and/or modify |
| 5 | | - * it under the terms of the GNU General Public License as published by |
| 6 | | - * the Free Software Foundation; either version 2 of the License, or |
| 7 | | - * (at your option) any later version. |
| 8 | | - * |
| 9 | | - * This program is distributed in the hope that it will be useful, |
| 10 | | - * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 11 | | - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 12 | | - * GNU General Public License for more details. |
| 13 | | - * |
| 14 | | - * You should have received a copy of the GNU General Public License along |
| 15 | | - * with this program; if not, write to the Free Software Foundation, Inc., |
| 16 | | - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | | - * http://www.gnu.org/copyleft/gpl.html |
| 18 | | - * |
| 19 | | - * @file |
| 20 | | - * @author Trevor Parscal |
| 21 | | - * @author Roan Kattouw |
| 22 | | - */ |
| 23 | | - |
| 24 | | -/** |
| 25 | | - * Module for user customizations |
| 26 | | - */ |
| 27 | | -class ResourceLoaderUserGroupsModule extends ResourceLoaderWikiModule { |
| 28 | | - |
| 29 | | - /* Protected Methods */ |
| 30 | | - protected $origin = self::ORIGIN_USER_SITEWIDE; |
| 31 | | - |
| 32 | | - protected function getPages( ResourceLoaderContext $context ) { |
| 33 | | - if ( $context->getUser() ) { |
| 34 | | - $user = User::newFromName( $context->getUser() ); |
| 35 | | - if( $user instanceof User ){ |
| 36 | | - $pages = array(); |
| 37 | | - foreach( $user->getEffectiveGroups() as $group ){ |
| 38 | | - if( in_array( $group, array( '*', 'user' ) ) ){ |
| 39 | | - continue; |
| 40 | | - } |
| 41 | | - $g = ucfirst( $group ); |
| 42 | | - $pages["MediaWiki:$g.js"] = array( 'type' => 'script' ); |
| 43 | | - $pages["MediaWiki:$g.css"] = array( 'type' => 'style' ); |
| 44 | | - } |
| 45 | | - return $pages; |
| 46 | | - } |
| 47 | | - } |
| 48 | | - return array(); |
| 49 | | - } |
| 50 | | - |
| 51 | | - /* Methods */ |
| 52 | | - |
| 53 | | - public function getGroup() { |
| 54 | | - return 'user'; |
| 55 | | - } |
| 56 | | - |
| 57 | | - public function getFlip( $context ) { |
| 58 | | - global $wgContLang; |
| 59 | | - |
| 60 | | - return $wgContLang->getDir() !== $context->getDirection(); |
| 61 | | - } |
| 62 | | -} |
| Index: trunk/phase3/includes/AutoLoader.php |
| — | — | @@ -152,7 +152,6 @@ |
| 153 | 153 | 'LinksUpdate' => 'includes/LinksUpdate.php', |
| 154 | 154 | 'LocalisationCache' => 'includes/LocalisationCache.php', |
| 155 | 155 | 'LocalisationCache_BulkLoad' => 'includes/LocalisationCache.php', |
| 156 | | - 'Login' => 'includes/Login.php', |
| 157 | 156 | 'LogPage' => 'includes/LogPage.php', |
| 158 | 157 | 'LogPager' => 'includes/LogEventsList.php', |
| 159 | 158 | 'LogEventsList' => 'includes/LogEventsList.php', |
| — | — | @@ -212,7 +211,6 @@ |
| 213 | 212 | 'ResourceLoaderFileModule' => 'includes/resourceloader/ResourceLoaderFileModule.php', |
| 214 | 213 | 'ResourceLoaderSiteModule' => 'includes/resourceloader/ResourceLoaderSiteModule.php', |
| 215 | 214 | 'ResourceLoaderUserModule' => 'includes/resourceloader/ResourceLoaderUserModule.php', |
| 216 | | - 'ResourceLoaderUserGroupsModule' => 'includes/resourceloader/ResourceLoaderUserGroupsModule.php', |
| 217 | 215 | 'ResourceLoaderUserOptionsModule' => 'includes/resourceloader/ResourceLoaderUserOptionsModule.php', |
| 218 | 216 | 'ResourceLoaderStartUpModule' => 'includes/resourceloader/ResourceLoaderStartUpModule.php', |
| 219 | 217 | 'ReverseChronologicalPager' => 'includes/Pager.php', |
| — | — | @@ -581,7 +579,6 @@ |
| 582 | 580 | 'AncientPagesPage' => 'includes/specials/SpecialAncientpages.php', |
| 583 | 581 | 'BrokenRedirectsPage' => 'includes/specials/SpecialBrokenRedirects.php', |
| 584 | 582 | 'ContribsPager' => 'includes/specials/SpecialContributions.php', |
| 585 | | - 'SpecialCreateAccount' => 'includes/specials/SpecialCreateAccount.php', |
| 586 | 583 | 'DBLockForm' => 'includes/specials/SpecialLockdb.php', |
| 587 | 584 | 'DBUnlockForm' => 'includes/specials/SpecialUnlockdb.php', |
| 588 | 585 | 'DeadendPagesPage' => 'includes/specials/SpecialDeadendpages.php', |
| — | — | @@ -681,7 +678,6 @@ |
| 682 | 679 | 'UnwatchedpagesPage' => 'includes/specials/SpecialUnwatchedpages.php', |
| 683 | 680 | 'UploadForm' => 'includes/specials/SpecialUpload.php', |
| 684 | 681 | 'UploadSourceField' => 'includes/specials/SpecialUpload.php', |
| 685 | | - 'SpecialUserlogin' => 'includes/specials/SpecialUserlogin.php', |
| 686 | 682 | 'UserrightsPage' => 'includes/specials/SpecialUserrights.php', |
| 687 | 683 | 'UsersPager' => 'includes/specials/SpecialListusers.php', |
| 688 | 684 | 'WantedCategoriesPage' => 'includes/specials/SpecialWantedcategories.php', |
| Index: trunk/phase3/includes/specials/SpecialResetpass.php |
| — | — | @@ -27,69 +27,14 @@ |
| 28 | 28 | * @ingroup SpecialPage |
| 29 | 29 | */ |
| 30 | 30 | class SpecialResetpass extends SpecialPage { |
| 31 | | - |
| 32 | | - public $mFormFields = array( |
| 33 | | - 'NameInfo' => array( |
| 34 | | - 'type' => 'info', |
| 35 | | - 'label-message' => 'yourname', |
| 36 | | - 'default' => '', |
| 37 | | - ), |
| 38 | | - 'Name' => array( |
| 39 | | - 'type' => 'hidden', |
| 40 | | - 'name' => 'wpName', |
| 41 | | - 'default' => null, |
| 42 | | - ), |
| 43 | | - 'OldPassword' => array( |
| 44 | | - 'type' => 'password', |
| 45 | | - 'label-message' => 'oldpassword', |
| 46 | | - 'size' => '20', |
| 47 | | - 'id' => 'wpPassword', |
| 48 | | - 'required' => '', |
| 49 | | - ), |
| 50 | | - 'NewPassword' => array( |
| 51 | | - 'type' => 'password', |
| 52 | | - 'label-message' => 'newpassword', |
| 53 | | - 'size' => '20', |
| 54 | | - 'id' => 'wpNewPassword', |
| 55 | | - 'required' => '', |
| 56 | | - ), |
| 57 | | - 'Retype' => array( |
| 58 | | - 'type' => 'password', |
| 59 | | - 'label-message' => 'retypenew', |
| 60 | | - 'size' => '20', |
| 61 | | - 'id' => 'wpRetype', |
| 62 | | - 'required' => '', |
| 63 | | - ), |
| 64 | | - 'Remember' => array( |
| 65 | | - 'type' => 'check', |
| 66 | | - 'id' => 'wpRemember', |
| 67 | | - ), |
| 68 | | - ); |
| 69 | | - |
| 70 | | - protected $mUsername; |
| 71 | | - protected $mLogin; |
| 72 | | - |
| 73 | 31 | public function __construct() { |
| 74 | | - global $wgRequest, $wgUser, $wgLang, $wgCookieExpiration; |
| 75 | | - |
| 76 | 32 | parent::__construct( 'Resetpass' ); |
| 77 | | - $this->mFormFields['Retype']['validation-callback'] = array( 'SpecialCreateAccount', 'formValidateRetype' ); |
| 78 | | - |
| 79 | | - $this->mUsername = $wgRequest->getVal( 'wpName', $wgUser->getName() ); |
| 80 | | - $this->mReturnTo = $wgRequest->getVal( 'returnto' ); |
| 81 | | - $this->mReturnToQuery = $wgRequest->getVal( 'returntoquery' ); |
| 82 | | - |
| 83 | | - $this->mFormFields['Remember']['label'] = wfMsgExt( |
| 84 | | - 'remembermypassword', |
| 85 | | - 'parseinline', |
| 86 | | - $wgLang->formatNum( ceil( $wgCookieExpiration / 86400 ) ) |
| 87 | | - ); |
| 88 | 33 | } |
| 89 | 34 | |
| 90 | 35 | /** |
| 91 | 36 | * Main execution point |
| 92 | 37 | */ |
| 93 | | - public function execute( $par ) { |
| | 38 | + function execute( $par ) { |
| 94 | 39 | global $wgUser, $wgAuth, $wgOut, $wgRequest; |
| 95 | 40 | |
| 96 | 41 | if ( wfReadOnly() ) { |
| — | — | @@ -97,134 +42,196 @@ |
| 98 | 43 | return; |
| 99 | 44 | } |
| 100 | 45 | |
| | 46 | + $this->mUserName = $wgRequest->getVal( 'wpName' ); |
| | 47 | + $this->mOldpass = $wgRequest->getVal( 'wpPassword' ); |
| | 48 | + $this->mNewpass = $wgRequest->getVal( 'wpNewPassword' ); |
| | 49 | + $this->mRetype = $wgRequest->getVal( 'wpRetype' ); |
| | 50 | + $this->mDomain = $wgRequest->getVal( 'wpDomain' ); |
| | 51 | + |
| 101 | 52 | $this->setHeaders(); |
| 102 | 53 | $this->outputHeader(); |
| 103 | 54 | $wgOut->disallowUserJs(); |
| 104 | 55 | |
| 105 | | - if( wfReadOnly() ){ |
| 106 | | - $wgOut->readOnlyPage(); |
| 107 | | - return false; |
| | 56 | + if( !$wgRequest->wasPosted() && !$wgUser->isLoggedIn() ) { |
| | 57 | + $this->error( wfMsg( 'resetpass-no-info' ) ); |
| | 58 | + return; |
| 108 | 59 | } |
| 109 | | - if( !$wgAuth->allowPasswordChange() ) { |
| 110 | | - $wgOut->showErrorPage( 'errorpagetitle', 'resetpass_forbidden' ); |
| 111 | | - return false; |
| 112 | | - } |
| 113 | 60 | |
| 114 | | - if( !$wgRequest->wasPosted() && !$wgUser->isLoggedIn() ) { |
| 115 | | - $wgOut->showErrorPage( 'errorpagetitle', 'resetpass-no-info' ); |
| 116 | | - return false; |
| | 61 | + if( $wgRequest->wasPosted() && $wgRequest->getBool( 'wpCancel' ) ) { |
| | 62 | + $this->doReturnTo(); |
| | 63 | + return; |
| 117 | 64 | } |
| 118 | 65 | |
| 119 | | - $this->getForm()->show(); |
| | 66 | + if( $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getVal( 'token' ) ) ) { |
| | 67 | + try { |
| | 68 | + $wgAuth->setDomain( $this->mDomain ); |
| | 69 | + if( !$wgAuth->allowPasswordChange() ) { |
| | 70 | + $this->error( wfMsg( 'resetpass_forbidden' ) ); |
| | 71 | + return; |
| | 72 | + } |
| 120 | 73 | |
| 121 | | - } |
| 122 | | - |
| 123 | | - public function formSubmitCallback( $data ){ |
| 124 | | - $data['Password'] = $data['OldPassword']; |
| 125 | | - $this->mLogin = new Login( $data ); |
| 126 | | - $result = $this->attemptReset( $data ); |
| 127 | | - |
| 128 | | - if( $result === true ){ |
| 129 | | - # Log the user in if they're not already (ie we're |
| 130 | | - # coming from the e-mail-password-reset route |
| 131 | | - global $wgUser; |
| 132 | | - if( !$wgUser->isLoggedIn() ) { |
| 133 | | - $this->mLogin->attemptLogin( $data['NewPassword'] ); |
| 134 | | - # Redirect out to the appropriate target. |
| 135 | | - SpecialUserlogin::successfulLogin( |
| 136 | | - 'resetpass_success', |
| 137 | | - $this->mReturnTo, |
| 138 | | - $this->mReturnToQuery, |
| 139 | | - $this->mLogin->mLoginResult |
| 140 | | - ); |
| 141 | | - } else { |
| 142 | | - # Redirect out to the appropriate target. |
| 143 | | - SpecialUserlogin::successfulLogin( |
| 144 | | - 'resetpass_success', |
| 145 | | - $this->mReturnTo, |
| 146 | | - $this->mReturnToQuery |
| 147 | | - ); |
| | 74 | + $this->attemptReset( $this->mNewpass, $this->mRetype ); |
| | 75 | + $wgOut->addWikiMsg( 'resetpass_success' ); |
| | 76 | + if( !$wgUser->isLoggedIn() ) { |
| | 77 | + LoginForm::setLoginToken(); |
| | 78 | + $token = LoginForm::getLoginToken(); |
| | 79 | + $data = array( |
| | 80 | + 'action' => 'submitlogin', |
| | 81 | + 'wpName' => $this->mUserName, |
| | 82 | + 'wpDomain' => $this->mDomain, |
| | 83 | + 'wpLoginToken' => $token, |
| | 84 | + 'wpPassword' => $this->mNewpass, |
| | 85 | + 'returnto' => $wgRequest->getVal( 'returnto' ), |
| | 86 | + ); |
| | 87 | + if( $wgRequest->getCheck( 'wpRemember' ) ) { |
| | 88 | + $data['wpRemember'] = 1; |
| | 89 | + } |
| | 90 | + $login = new LoginForm( new FauxRequest( $data, true ) ); |
| | 91 | + $login->execute( null ); |
| | 92 | + } |
| | 93 | + $this->doReturnTo(); |
| | 94 | + } catch( PasswordError $e ) { |
| | 95 | + $this->error( $e->getMessage() ); |
| 148 | 96 | } |
| 149 | | - return true; |
| 150 | | - } else { |
| 151 | | - return $result; |
| 152 | 97 | } |
| | 98 | + $this->showForm(); |
| 153 | 99 | } |
| | 100 | + |
| | 101 | + function doReturnTo() { |
| | 102 | + global $wgRequest, $wgOut; |
| | 103 | + $titleObj = Title::newFromText( $wgRequest->getVal( 'returnto' ) ); |
| | 104 | + if ( !$titleObj instanceof Title ) { |
| | 105 | + $titleObj = Title::newMainPage(); |
| | 106 | + } |
| | 107 | + $wgOut->redirect( $titleObj->getFullURL() ); |
| | 108 | + } |
| 154 | 109 | |
| 155 | | - public function getForm( $reset=false ) { |
| 156 | | - global $wgOut, $wgUser, $wgRequest; |
| | 110 | + function error( $msg ) { |
| | 111 | + global $wgOut; |
| | 112 | + $wgOut->addHTML( Xml::element('p', array( 'class' => 'error' ), $msg ) ); |
| | 113 | + } |
| 157 | 114 | |
| 158 | | - if( $reset || $wgRequest->getCheck( 'reset' ) ){ |
| 159 | | - # Request is coming from Special:UserLogin after it |
| 160 | | - # authenticated someone with a temporary password. |
| 161 | | - $this->mFormFields['OldPassword']['label-message'] = 'resetpass-temp-password'; |
| | 115 | + function showForm() { |
| | 116 | + global $wgOut, $wgUser, $wgRequest, $wgLivePasswordStrengthChecks; |
| | 117 | + |
| | 118 | + if ( $wgLivePasswordStrengthChecks ) { |
| | 119 | + $wgOut->addPasswordSecurity( 'wpNewPassword', 'wpRetype' ); |
| | 120 | + } |
| | 121 | + $self = $this->getTitle(); |
| | 122 | + if ( !$this->mUserName ) { |
| | 123 | + $this->mUserName = $wgUser->getName(); |
| | 124 | + } |
| | 125 | + $rememberMe = ''; |
| | 126 | + if ( !$wgUser->isLoggedIn() ) { |
| | 127 | + global $wgCookieExpiration, $wgLang; |
| | 128 | + $rememberMe = '<tr>' . |
| | 129 | + '<td></td>' . |
| | 130 | + '<td class="mw-input">' . |
| | 131 | + Xml::checkLabel( |
| | 132 | + wfMsgExt( 'remembermypassword', 'parsemag', $wgLang->formatNum( ceil( $wgCookieExpiration / ( 3600 * 24 ) ) ) ), |
| | 133 | + 'wpRemember', 'wpRemember', |
| | 134 | + $wgRequest->getCheck( 'wpRemember' ) ) . |
| | 135 | + '</td>' . |
| | 136 | + '</tr>'; |
| 162 | 137 | $submitMsg = 'resetpass_submit'; |
| 163 | | - $this->mFormFields['OldPassword']['default'] = $wgRequest->getText( 'wpPassword' ); |
| 164 | | - #perpetuate |
| 165 | | - $this->mFormFields['reset'] = array( |
| 166 | | - 'type' => 'hidden', |
| 167 | | - 'default' => '1', |
| 168 | | - ); |
| | 138 | + $oldpassMsg = 'resetpass-temp-password'; |
| 169 | 139 | } else { |
| 170 | | - unset( $this->mFormFields['Remember'] ); |
| | 140 | + $oldpassMsg = 'oldpassword'; |
| 171 | 141 | $submitMsg = 'resetpass-submit-loggedin'; |
| 172 | 142 | } |
| | 143 | + $wgOut->addHTML( |
| | 144 | + Xml::fieldset( wfMsg( 'resetpass_header' ) ) . |
| | 145 | + Xml::openElement( 'form', |
| | 146 | + array( |
| | 147 | + 'method' => 'post', |
| | 148 | + 'action' => $self->getLocalUrl(), |
| | 149 | + 'id' => 'mw-resetpass-form' ) ) . "\n" . |
| | 150 | + Html::hidden( 'token', $wgUser->editToken() ) . "\n" . |
| | 151 | + Html::hidden( 'wpName', $this->mUserName ) . "\n" . |
| | 152 | + Html::hidden( 'wpDomain', $this->mDomain ) . "\n" . |
| | 153 | + Html::hidden( 'returnto', $wgRequest->getVal( 'returnto' ) ) . "\n" . |
| | 154 | + wfMsgExt( 'resetpass_text', array( 'parse' ) ) . "\n" . |
| | 155 | + Xml::openElement( 'table', array( 'id' => 'mw-resetpass-table' ) ) . "\n" . |
| | 156 | + $this->pretty( array( |
| | 157 | + array( 'wpName', 'username', 'text', $this->mUserName, '' ), |
| | 158 | + array( 'wpPassword', $oldpassMsg, 'password', $this->mOldpass, '' ), |
| | 159 | + array( 'wpNewPassword', 'newpassword', 'password', null, '<div id="password-strength"></div>' ), |
| | 160 | + array( 'wpRetype', 'retypenew', 'password', null, '<div id="password-retype"></div>' ), |
| | 161 | + ) ) . "\n" . |
| | 162 | + $rememberMe . |
| | 163 | + "<tr>\n" . |
| | 164 | + "<td></td>\n" . |
| | 165 | + '<td class="mw-input">' . |
| | 166 | + Xml::submitButton( wfMsg( $submitMsg ) ) . |
| | 167 | + Xml::submitButton( wfMsg( 'resetpass-submit-cancel' ), array( 'name' => 'wpCancel' ) ) . |
| | 168 | + "</td>\n" . |
| | 169 | + "</tr>\n" . |
| | 170 | + Xml::closeElement( 'table' ) . |
| | 171 | + Xml::closeElement( 'form' ) . |
| | 172 | + Xml::closeElement( 'fieldset' ) . "\n" |
| | 173 | + ); |
| | 174 | + } |
| 173 | 175 | |
| 174 | | - $this->mFormFields['Name']['default'] = |
| 175 | | - $this->mFormFields['NameInfo']['default'] = $this->mUsername; |
| 176 | | - |
| 177 | | - $form = new HTMLForm( $this->mFormFields, '' ); |
| 178 | | - $form->suppressReset(); |
| 179 | | - $form->setSubmitText( wfMsg( $submitMsg ) ); |
| 180 | | - $form->setTitle( $this->getTitle() ); |
| 181 | | - $form->addHiddenField( 'returnto', $this->mReturnTo ); |
| 182 | | - $form->setWrapperLegend( wfMsg( 'resetpass_header' ) ); |
| 183 | | - |
| 184 | | - $form->setSubmitCallback( array( $this, 'formSubmitCallback' ) ); |
| 185 | | - $form->loadData(); |
| 186 | | - |
| 187 | | - return $form; |
| | 176 | + function pretty( $fields ) { |
| | 177 | + $out = ''; |
| | 178 | + foreach ( $fields as $list ) { |
| | 179 | + list( $name, $label, $type, $value, $extra ) = $list; |
| | 180 | + if( $type == 'text' ) { |
| | 181 | + $field = htmlspecialchars( $value ); |
| | 182 | + } else { |
| | 183 | + $attribs = array( 'id' => $name ); |
| | 184 | + if ( $name == 'wpNewPassword' || $name == 'wpRetype' ) { |
| | 185 | + $attribs = array_merge( $attribs, |
| | 186 | + User::passwordChangeInputAttribs() ); |
| | 187 | + } |
| | 188 | + if ( $name == 'wpPassword' ) { |
| | 189 | + $attribs[] = 'autofocus'; |
| | 190 | + } |
| | 191 | + $field = Html::input( $name, $value, $type, $attribs ); |
| | 192 | + } |
| | 193 | + $out .= "<tr>\n"; |
| | 194 | + $out .= "\t<td class='mw-label'>"; |
| | 195 | + if ( $type != 'text' ) |
| | 196 | + $out .= Xml::label( wfMsg( $label ), $name ); |
| | 197 | + else |
| | 198 | + $out .= wfMsgHtml( $label ); |
| | 199 | + $out .= "</td>\n"; |
| | 200 | + $out .= "\t<td class='mw-input'>$field</td>\n"; |
| | 201 | + $out .= "\t<td>$extra</td>\n"; |
| | 202 | + $out .= "</tr>"; |
| | 203 | + } |
| | 204 | + return $out; |
| 188 | 205 | } |
| 189 | 206 | |
| 190 | 207 | /** |
| 191 | | - * Try to reset the user's password |
| | 208 | + * @throws PasswordError when cannot set the new password because requirements not met. |
| 192 | 209 | */ |
| 193 | | - protected function attemptReset( $data ) { |
| 194 | | - |
| 195 | | - if( !$data['Name'] |
| 196 | | - || !$data['OldPassword'] |
| 197 | | - || !$data['NewPassword'] |
| 198 | | - || !$data['Retype'] ) |
| 199 | | - { |
| 200 | | - return false; |
| | 210 | + protected function attemptReset( $newpass, $retype ) { |
| | 211 | + $user = User::newFromName( $this->mUserName ); |
| | 212 | + if( !$user || $user->isAnon() ) { |
| | 213 | + throw new PasswordError( 'no such user' ); |
| 201 | 214 | } |
| 202 | | - |
| 203 | | - $user = $this->mLogin->getUser(); |
| 204 | | - if( !( $user instanceof User ) ){ |
| 205 | | - return wfMsgExt( 'nosuchuser', 'parse' ); |
| | 215 | + |
| | 216 | + if( $newpass !== $retype ) { |
| | 217 | + wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'badretype' ) ); |
| | 218 | + throw new PasswordError( wfMsg( 'badretype' ) ); |
| 206 | 219 | } |
| 207 | 220 | |
| 208 | | - if( $data['NewPassword'] !== $data['Retype'] ) { |
| 209 | | - wfRunHooks( 'PrefsPasswordAudit', array( $user, $data['NewPassword'], 'badretype' ) ); |
| 210 | | - return wfMsgExt( 'badretype', 'parse' ); |
| | 221 | + if( !$user->checkTemporaryPassword($this->mOldpass) && !$user->checkPassword($this->mOldpass) ) { |
| | 222 | + wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) ); |
| | 223 | + throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) ); |
| 211 | 224 | } |
| 212 | | - |
| 213 | | - if( !$user->checkPassword( $data['OldPassword'] ) && !$user->checkTemporaryPassword( $data['OldPassword'] ) ) |
| 214 | | - { |
| 215 | | - wfRunHooks( 'PrefsPasswordAudit', array( $user, $data['NewPassword'], 'wrongpassword' ) ); |
| 216 | | - return wfMsgExt( 'resetpass-wrong-oldpass', 'parse' ); |
| 217 | | - } |
| 218 | | - |
| | 225 | + |
| 219 | 226 | try { |
| 220 | | - $user->setPassword( $data['NewPassword'] ); |
| 221 | | - wfRunHooks( 'PrefsPasswordAudit', array( $user, $data['NewPassword'], 'success' ) ); |
| | 227 | + $user->setPassword( $this->mNewpass ); |
| | 228 | + wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'success' ) ); |
| | 229 | + $this->mNewpass = $this->mOldpass = $this->mRetypePass = ''; |
| 222 | 230 | } catch( PasswordError $e ) { |
| 223 | | - wfRunHooks( 'PrefsPasswordAudit', array( $user, $data['NewPassword'], 'error' ) ); |
| 224 | | - return $e->getMessage(); |
| | 231 | + wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'error' ) ); |
| | 232 | + throw new PasswordError( $e->getMessage() ); |
| 225 | 233 | } |
| 226 | | - |
| | 234 | + |
| 227 | 235 | $user->setCookies(); |
| 228 | 236 | $user->saveSettings(); |
| 229 | | - return true; |
| 230 | 237 | } |
| 231 | 238 | } |
| Index: trunk/phase3/includes/Skin.php |
| — | — | @@ -546,7 +546,7 @@ |
| 547 | 547 | * @private |
| 548 | 548 | */ |
| 549 | 549 | function setupUserCss( OutputPage $out ) { |
| 550 | | - global $wgRequest, $wgUser; |
| | 550 | + global $wgRequest; |
| 551 | 551 | global $wgUseSiteCss, $wgAllowUserCss, $wgAllowUserCssPrefs; |
| 552 | 552 | |
| 553 | 553 | wfProfileIn( __METHOD__ ); |
| — | — | @@ -560,9 +560,6 @@ |
| 561 | 561 | // Per-site custom styles |
| 562 | 562 | if ( $wgUseSiteCss ) { |
| 563 | 563 | $out->addModuleStyles( 'site' ); |
| 564 | | - if( $wgUser->isLoggedIn() ){ |
| 565 | | - $out->addModuleStyles( 'user.groups' ); |
| 566 | | - } |
| 567 | 564 | } |
| 568 | 565 | |
| 569 | 566 | // Per-user custom styles |
| Index: trunk/phase3/RELEASE-NOTES |
| — | — | @@ -72,8 +72,6 @@ |
| 73 | 73 | (maintenance/fixDoubleRedirects.php) |
| 74 | 74 | * (bug 23315) New body classes to allow easier styling of special pages |
| 75 | 75 | * (bug 27159) Make email confirmation code expiration time configurable |
| 76 | | -* CSS/JS for each user group is imported from MediaWiki:Sysop.js, |
| 77 | | - MediaWiki:Autoconfirmed.css, etc. |
| 78 | 76 | |
| 79 | 77 | === Bug fixes in 1.18 === |
| 80 | 78 | * (bug 23119) WikiError class and subclasses are now marked as deprecated |
| Index: trunk/phase3/resources/Resources.php |
| — | — | @@ -8,7 +8,6 @@ |
| 9 | 9 | 'startup' => array( 'class' => 'ResourceLoaderStartUpModule' ), |
| 10 | 10 | 'user' => array( 'class' => 'ResourceLoaderUserModule' ), |
| 11 | 11 | 'user.options' => array( 'class' => 'ResourceLoaderUserOptionsModule' ), |
| 12 | | - 'user.groups' => array( 'class' => 'ResourceLoaderUserGroupsModule' ), |
| 13 | 12 | |
| 14 | 13 | /* Skins */ |
| 15 | 14 | |