/**
 * Run the password-reset API module.
 *
 * Steps, in order: refuse when no reset route exists, require exactly one of
 * `user` / `email`, ask PasswordReset whether the caller may reset (and, with
 * `capture`, whether the caller may see the generated passwords), perform the
 * reset, then report success.
 *
 * The code after each die*() call assumes that call does not return.
 */
public function execute()
{
    if (!$this->hasAnyRoutes()) {
        $this->dieUsage('No password reset routes are available.', 'moduledisabled');
    }

    // Default both selectors to null so the "only one of" check sees both keys.
    $args = $this->extractRequestParams() + ['user' => null, 'email' => null];
    $this->requireOnlyOneParameter($args, 'user', 'email');

    $resetter = new PasswordReset($this->getConfig(), AuthManager::singleton());

    // Permission check first; the capture flag is part of what is being authorised.
    $permission = $resetter->isAllowed($this->getUser(), $args['capture']);
    if (!$permission->isOK()) {
        $this->dieStatus(Status::wrap($permission));
    }

    $outcome = $resetter->execute($this->getUser(), $args['user'], $args['email'], $args['capture']);
    if (!$outcome->isOK()) {
        // The status value is cleared before the failure is reported, presumably
        // so that nothing captured so far travels with the error.
        $outcome->value = null;
        $this->dieStatus(Status::wrap($outcome));
    }

    $apiResult = $this->getResult();
    $apiResult->addValue(['resetpassword'], 'status', 'success');

    if (!$args['capture']) {
        return;
    }

    // Only a capture request gets the generated passwords back in the response.
    $captured = $outcome->getValue() ?: [];
    ApiResult::setArrayType($captured, 'kvp', 'user');
    ApiResult::setIndexedTagName($captured, 'p');
    $apiResult->addValue(['resetpassword'], 'passwords', $captured);
}
/**
 * Exercise PasswordReset::validUserId() with a fixture user's address and
 * with an address that belongs to no fixture user.
 */
public function validUserId()
{
    // Known address: no validation error, and userId resolves to the fixture user.
    $known = new PasswordReset();
    $known->email = $this->user('testUser')->emailAddress;
    $known->validUserId('email');
    $this->assertFalse($known->hasErrors());
    $this->assertEquals($this->user('testUser')->id, $known->userId);

    // Unknown address: a validation error is recorded and userId stays empty.
    $unknown = new PasswordReset();
    $unknown->email = '*****@*****.**';
    $unknown->validUserId('email');
    $this->assertTrue($unknown->hasErrors());
    $this->assertEmpty($unknown->userId);
}
/**
 * Decide whether the password reset page is listed.
 *
 * The page is hidden whenever PasswordReset::isAllowed() does not return a
 * good status for the current user; otherwise the parent class decides.
 *
 * @return bool
 */
public function isListed()
{
    $permission = $this->passwordReset->isAllowed($this->getUser());

    return $permission->isGood() ? parent::isListed() : false;
}
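/**
 * Store the new password hash on the associated user model.
 *
 * When the update succeeds, every password-reset record that belongs to the
 * user is deleted, so an outstanding reset link cannot be used again after the
 * password has changed. The records are left in place when the update fails;
 * the earlier version deleted them before knowing the outcome.
 *
 * @return bool False when validation fails; otherwise the result of the user
 *     model's update() call.
 */
public function save()
{
    if (!$this->validate()) {
        return false;
    }

    // Only the hash produced by PasswordUtil::createHash() is written.
    $this->userModel->password = PasswordUtil::createHash($this->password);
    $updated = $this->userModel->update(array('password'));

    if ($updated) {
        // Invalidate all pending reset requests for this account.
        PasswordReset::model()->deleteAllByAttributes(array('userId' => $this->userModel->id));
    }

    return $updated;
}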
/**
 * Saving the reset form must change the stored hash and leave no reset
 * records behind for the user.
 */
public function testSave()
{
    $account = $this->user('testUser');
    $newPassword = '******';

    $resetForm = new PasswordResetForm($account);
    $resetForm->password = $newPassword;
    $resetForm->confirm = $resetForm->password;
    $resetForm->save();

    // Reload so the assertion sees what was actually persisted.
    $account->refresh();
    $this->assertTrue(PasswordUtil::validatePassword($newPassword, $account->password));

    $remaining = PasswordReset::model()->countByAttributes(array('userId' => $account->id));
    $this->assertEquals(0, $remaining);
}
/**
 * Check PasswordReset::isAllowed() for one combination of configuration,
 * AuthManager answer and user state, once for a plain reset and once with the
 * second argument set to true (the "display password" case).
 *
 * @dataProvider provideIsAllowed
 */
public function testIsAllowed($passwordResetRoutes, $enableEmail, $allowsAuthenticationDataChange, $canEditPrivate, $canSeePassword, $userIsBlocked, $isAllowed, $isAllowedToDisplayPassword)
{
    $settings = new HashConfig([
        'PasswordResetRoutes' => $passwordResetRoutes,
        'EnableEmail' => $enableEmail,
    ]);

    // AuthManager double: only allowsAuthenticationDataChange() is scripted.
    $authStub = $this->getMockBuilder(AuthManager::class)->disableOriginalConstructor()->getMock();
    $changeStatus = $allowsAuthenticationDataChange ? Status::newGood() : Status::newFatal('foo');
    $authStub->expects($this->any())->method('allowsAuthenticationDataChange')->willReturn($changeStatus);

    // Any permission other than the two expected ones fails the test outright.
    $rightsLookup = function ($perm) use ($canEditPrivate, $canSeePassword) {
        if ($perm === 'editmyprivateinfo') {
            return $canEditPrivate;
        }
        if ($perm === 'passwordreset') {
            return $canSeePassword;
        }
        $this->fail('Unexpected permission check');
    };

    $userStub = $this->getMock(User::class);
    $userStub->expects($this->any())->method('getName')->willReturn('Foo');
    $userStub->expects($this->any())->method('isBlocked')->willReturn($userIsBlocked);
    $userStub->expects($this->any())->method('isAllowed')->will($this->returnCallback($rightsLookup));

    $subject = new PasswordReset($settings, $authStub);

    $this->assertSame($isAllowed, $subject->isAllowed($userStub)->isGood());
    $this->assertSame($isAllowedToDisplayPassword, $subject->isAllowed($userStub, true)->isGood());
}
/**
 * Saving the reset form must change the stored hash and clear the user's
 * reset records; the password validation rule is checked in the same test
 * because it needs no additional fixtures.
 */
public function testSave()
{
    $account = $this->user('testUser');
    $newPassword = '******';

    $resetForm = new PasswordResetForm($account);
    $resetForm->password = $newPassword;
    $resetForm->confirm = $resetForm->password;
    $resetForm->save();

    $account->refresh();
    $this->assertTrue(PasswordUtil::validatePassword($newPassword, $account->password));

    $remaining = PasswordReset::model()->countByAttributes(array('userId' => $account->id));
    $this->assertEquals(0, $remaining);

    // Password rule check on a fresh form. PHP casts the boolean array keys to
    // 0 and 1, so the loop variable is an int and assertEquals() compares it
    // loosely with validate()'s result.
    $resetForm = new PasswordResetForm($account);
    $samplesByValidity = array(
        false => array('n#6', 'ninininini'),
        true => array('D83*@)1', 'this that and the next thing'),
    );
    foreach ($samplesByValidity as $expected => $candidates) {
        foreach ($candidates as $candidate) {
            $resetForm->password = $candidate;
            $resetForm->confirm = $candidate;
            $this->assertEquals($expected, $resetForm->validate(array('password')));
        }
    }
}
/**
 * Password reset.
 *
 * Delegates to a PasswordReset object built with this instance's cookie.
 *
 * @param string $username Student number.
 * @param string $idCard   Described as "password" in the original comment; the
 *                         parameter name suggests an ID-card number - confirm.
 * @return bool
 */
public function passwordReset($username, $idCard)
{
    return (new PasswordReset($this->cookie))->set($username, $idCard);
}
/**
 * Create or refresh the user's password-reset code and e-mail it.
 *
 * The code is stored on the PasswordReset record exactly as generated and the
 * same value is placed in the e-mail. No expiry is set in this function.
 *
 * NOTE(review): keygen_generate() comes from the 'keygen' helper, which is not
 * shown; confirm it draws from a cryptographically secure source.
 *
 * @param mixed $user_id Identifier passed to the User constructor.
 */
private function send_forgot_password_email($user_id)
{
    $this->load->library('email');
    $this->load->helper('keygen');

    $user = new User($user_id);

    // Draw codes until one is found that no existing reset record uses.
    do {
        $code = keygen_generate(64);
        $lookup = new PasswordReset();
        $lookup->where('code', $code);
        $lookup->get();
    } while ($lookup->exists());

    // Reuse the user's existing reset record when there is one; otherwise
    // create a record and save it in relation to the user.
    $reset = $user->passwordreset;
    $reset->get();
    if (!$reset->exists()) {
        $reset = new PasswordReset();
        $reset->code = $code;
        $reset->save($user);
    } else {
        $reset->code = $code;
        $reset->save();
    }

    $this->user_session->set_account_invalid();

    // View data for the e-mail template.
    $data = array(
        'code' => $reset->code,
        'user' => array(
            'id' => $user->id,
            'firstname' => $user->firstname,
            'lastname' => $user->lastname,
            'email' => $user->email,
        ),
        'content' => 'password_reset',
    );
    $message = $this->load->view('email_master', $data, true);

    $mailer = $this->email;
    $mailer->from('*****@*****.**', 'OurVigor Support');
    $mailer->to($user->email);
    $mailer->subject('OurVigor Password Reset');
    $mailer->message($message);
    // The result of send() is not checked; a delivery failure goes unnoticed here.
    $mailer->send();
}
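/**
 * Generates a form from the given request.
 *
 * The form is built once and cached in $this->authForm. Besides the fields
 * derived from the authentication requests it carries hidden fields for the
 * auth action, the security level and the login/signup token, plus header and
 * footer HTML. Everything passed to addHeaderText() / addFooterText() /
 * addPostText() here is already HTML, so each piece has to be escaped or
 * parsed before it is handed over.
 *
 * @param AuthenticationRequest[] $requests
 * @param string $action AuthManager action name (not read in this body;
 *     $this->authAction is used instead)
 * @param string|Message $msg
 * @param string $msgType
 * @return HTMLForm
 */
protected function getAuthForm(array $requests, $action, $msg = '', $msgType = 'error')
{
    global $wgSecureLogin, $wgLoginLanguageSelector;

    // FIXME merge this with parent
    if (isset($this->authForm)) {
        return $this->authForm;
    }

    $usingHTTPS = $this->getRequest()->getProtocol() === 'https';

    // get basic form description from the auth logic
    $fieldInfo = AuthenticationRequest::mergeFieldInfo($requests);
    $fakeTemplate = $this->getFakeTemplate($msg, $msgType);
    // FIXME there should be a saner way to pass this to the hook
    $this->fakeTemplate = $fakeTemplate;
    // this will call onAuthChangeFormFields()
    $formDescriptor = static::fieldInfoToFormDescriptor($requests, $fieldInfo, $this->authAction);
    $this->postProcessFormDescriptor($formDescriptor);

    $context = $this->getContext();
    if ($context->getRequest() !== $this->getRequest()) {
        // We have overridden the request, need to make sure the form uses that too.
        $context = new DerivativeContext($this->getContext());
        $context->setRequest($this->getRequest());
    }
    $form = HTMLForm::factory('vform', $formDescriptor, $context);

    $form->addHiddenField('authAction', $this->authAction);
    if ($wgLoginLanguageSelector) {
        $form->addHiddenField('uselang', $this->mLanguage);
    }
    $form->addHiddenField('force', $this->securityLevel);
    // The token travels as a hidden field under the name getTokenName() returns.
    $form->addHiddenField($this->getTokenName(), $this->getToken()->toString());
    if ($wgSecureLogin) {
        // If using HTTPS coming from HTTP, then the 'fromhttp' parameter must be preserved
        if (!$this->isSignup()) {
            $form->addHiddenField('wpForceHttps', (int) $this->mStickHTTPS);
            $form->addHiddenField('wpFromhttp', $usingHTTPS);
        }
    }

    // set properties of the form itself
    $form->setAction($this->getPageTitle()->getLocalURL($this->getReturnToQueryStringFragment()));
    $form->setName('userlogin' . ($this->isSignup() ? '2' : ''));
    if ($this->isSignup()) {
        $form->setId('userlogin2');
    }

    // add pre/post text
    // header used by ConfirmEdit, CondfirmAccount, Persona, WikimediaIncubator, SemanticSignup
    // should be above the error message but HTMLForm doesn't support that
    $form->addHeaderText($fakeTemplate->html('header'));

    // FIXME the old form used this for error/warning messages which does not play well with
    // HTMLForm (maybe it could with a subclass?); for now only display it for signups
    // (where the JS username validation needs it) and always empty
    if ($this->isSignup()) {
        // used by the mediawiki.special.userlogin.signup.js module
        $statusAreaAttribs = ['id' => 'mw-createacct-status-area'];
        // $statusAreaAttribs += $msg ? [ 'class' => "{$msgType}box" ] : [ 'style' => 'display: none;' ];
        $form->addHeaderText(Html::element('div', $statusAreaAttribs));
    }

    // header used by MobileFrontend
    $form->addHeaderText($fakeTemplate->html('formheader'));

    // blank signup footer for site customization
    if ($this->isSignup() && $this->showExtraInformation()) {
        // Use signupend-https for HTTPS requests if it's not blank, signupend otherwise
        $signupendMsg = $this->msg('signupend');
        $signupendHttpsMsg = $this->msg('signupend-https');
        if (!$signupendMsg->isDisabled()) {
            $signupendText = $usingHTTPS && !$signupendHttpsMsg->isBlank()
                ? $signupendHttpsMsg->parse()
                : $signupendMsg->parse();
            $form->addPostText(Html::rawElement('div', ['id' => 'signupend'], $signupendText));
        }
    }

    // warning header for non-standard workflows (e.g. security reauthentication)
    if (!$this->isSignup() && $this->getUser()->isLoggedIn()) {
        $reauthMessage = $this->securityLevel ? 'userlogin-reauth' : 'userlogin-loggedin';
        $form->addHeaderText(Html::rawElement(
            'div',
            ['class' => 'warningbox'],
            $this->msg($reauthMessage)->params($this->getUser()->getName())->parse()
        ));
    }

    if (!$this->isSignup() && $this->showExtraInformation()) {
        $passwordReset = new PasswordReset($this->getConfig(), AuthManager::singleton());
        // isAllowed() returns a status object, and an object is always truthy,
        // so the result has to be read through isGood(). Without it the reset
        // link was offered even when resets are disabled or not permitted.
        if ($passwordReset->isAllowed($this->getUser())->isGood()) {
            $form->addFooterText(Html::rawElement(
                'div',
                ['class' => 'mw-ui-vform-field mw-form-related-link-container'],
                Linker::link(
                    SpecialPage::getTitleFor('PasswordReset'),
                    $this->msg('userlogin-resetpassword-link')->escaped()
                )
            ));
        }

        // Don't show a "create account" link if the user can't.
        if ($this->showCreateAccountLink()) {
            // link to the other action
            $linkTitle = $this->getTitleFor($this->isSignup() ? 'Userlogin' : 'CreateAccount');
            $linkq = $this->getReturnToQueryStringFragment();
            // Pass any language selection on to the mode switch link
            // NOTE(review): mLanguage is appended to the query string without
            // URL-encoding; where it is assigned is not visible here - confirm
            // it is restricted to valid language codes.
            if ($wgLoginLanguageSelector && $this->mLanguage) {
                $linkq .= '&uselang=' . $this->mLanguage;
            }

            $createOrLoginHref = $linkTitle->getLocalURL($linkq);
            if ($this->getUser()->isLoggedIn()) {
                $createOrLoginHtml = Html::rawElement(
                    'div',
                    ['class' => 'mw-ui-vform-field'],
                    Html::element(
                        'a',
                        ['id' => 'mw-createaccount-join', 'href' => $createOrLoginHref, 'tabindex' => 100],
                        $this->msg('userlogin-createanother')->escaped()
                    )
                );
            } else {
                $createOrLoginHtml = Html::rawElement(
                    'div',
                    ['id' => 'mw-createaccount-cta', 'class' => 'mw-ui-vform-field'],
                    $this->msg('userlogin-noaccount')->escaped() . Html::element(
                        'a',
                        [
                            'id' => 'mw-createaccount-join',
                            'href' => $createOrLoginHref,
                            'class' => 'mw-ui-button',
                            'tabindex' => 100,
                        ],
                        $this->msg('userlogin-joinproject')->escaped()
                    )
                );
            }
            $form->addFooterText($createOrLoginHtml);
        }
    }

    $form->suppressDefaultSubmit();

    $this->authForm = $form;

    return $form;
}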
// Excerpt of a "forgot password" endpoint. The statements down to the first
// closing brace finish an input check whose opening condition lies before this
// excerpt, and the step that actually sends the e-mail lies after it.
$returnValue["message"] = "Missing email address";
echo json_encode($returnValue);
return;
}

// NOTE(review): htmlentities() is an HTML output encoder. Applied here it
// changes the value used for the lookup (for example `&` becomes `&amp;`), and
// it is not a replacement for validating the address or for parameter binding
// inside the DAO - confirm how getUserDetails() builds its query.
$email = htmlentities($_POST["userEmail"]);
$dao = new MySQLDAO($dbhost, $dbuser, $dbpassword, $dbname);
$dao->openConnection();

// Check if email address is found in our database
$userDetails = $dao->getUserDetails($email);
if (empty($userDetails)) {
    // This reply differs from the success path, so a caller can tell registered
    // addresses from unregistered ones; an identical response for both cases
    // avoids that.
    $returnValue["message"] = "Provided email address is not found in our database";
    echo json_encode($returnValue);
    return;
}

// Generate a unique string token
// NOTE(review): generateUniqueToken() is not shown, and what the argument 16
// measures is not visible here. A reset token should come from a
// cryptographically secure source such as random_bytes() - confirm.
$passwordReset = new PasswordReset();
$passwordToken = $passwordReset->generateUniqueToken(16);

// Store unique token in our database
// NOTE(review): storePasswordToken() is not shown - confirm the token is stored
// with an expiry and invalidated after use.
$user_id = $userDetails["user_id"];
$dao->storePasswordToken($user_id, $passwordToken);

// Prepare email message with Subject, Message, From, To...
$messageDetails = array();
$messageDetails["message_subject"] = "Password reset requested";
// The recipient is the address stored for the account, not the submitted value.
$messageDetails["to_email"] = $userDetails["email"];
$messageDetails["from_name"] = "Sergey Kargopolov";
$messageDetails["from_email"] = "*****@*****.**";

// Load email message html template and insert html link to click and begin password reset
$messageBody = $passwordReset->generateMessageBody();
$emailMessage = str_replace("{token}", $passwordToken, $messageBody);
$messageDetails["message_body"] = $emailMessage;

// Send out email message to user
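/**
 * Reset a user's password via a really basic email verification process
 *
 * Three request shapes are handled:
 *  - POST with `PasswordReset`: a reset is requested for an e-mail address and,
 *    when an account matches, a link containing the reset record's id is sent;
 *  - GET/POST with `$id`: the reset record is looked up and, while it is
 *    unexpired and points to a user, the new-password form is shown or saved;
 *  - neither: the empty request form is shown.
 *
 * Signed-in users are redirected to the change-password page instead.
 *
 * @param mixed $id ID/key of the password recovery record
 */
public function actionResetPassword($id = null)
{
    if (!Yii::app()->user->isGuest) {
        $this->redirect(array('/profile/changePassword', 'id' => Yii::app()->user->id));
    }
    $this->layout = '//layouts/login';
    $scenario = 'new';
    $title = Yii::t('app', 'Reset Password');
    $this->pageTitle = $title;
    $message = Yii::t('app', 'Enter the email address associated with your user account to request a new password and username reminder.');
    $request = new PasswordReset();
    $resetForm = null;

    if (isset($_POST['PasswordReset'])) {
        // Submitting a password reset request
        $request->setAttributes($_POST['PasswordReset']);
        if ($request->save()) {
            $request->setScenario('afterSave');
            if (!$request->validate(array('email'))) {
                // Create a new model. It is done this way (adding the
                // validation error to a new model) so that there is a trail
                // of reset request attempts that can be counted to determine
                // if the user has made too many.
                // NOTE(review): this path re-displays the form with errors while
                // the other path shows "Check your email"; if the error names
                // the missing account, the page reveals which addresses are
                // registered - confirm the wording.
                $oldRequest = $request;
                $request = new $request();
                $request->setAttributes($oldRequest->getAttributes(array('email')), false);
                $request->addErrors($oldRequest->getErrors());
            } else {
                // A user with the corresponding email was found. Attempt to
                // send the email and whatever happens, don't display the
                // form again.
                $scenario = 'message';
                $mail = new EmailDeliveryBehavior();
                $mail->credId = Credentials::model()->getDefaultUserAccount(Credentials::$sysUseId['systemNotificationEmail'], 'email');

                // Compose the message & headers
                $message = Yii::t('users', "You have requested to reset the password for user {user} in {appName}.", array('{user}' => $request->user->alias, '{appName}' => Yii::app()->settings->appName));
                $message .= ' ' . Yii::t('users', "To finish resetting your password, please open the following link: ");
                // The record id is the only secret in the link.
                // NOTE(review): confirm PasswordReset ids are long random
                // values rather than sequential keys.
                $message .= "<br /><br />" . $this->createAbsoluteUrl('/site/resetPassword') . '?' . http_build_query(array('id' => $request->id));
                $message .= "<br /><br />" . Yii::t('users', "If you did not make this request, please disregard this email.");
                $recipients = array('to' => array(array('', $request->email)));

                // Send the email
                $status = $mail->deliverEmail($recipients, Yii::app()->settings->appName . " password reset", $message);

                // Set the response message accordingly.
                if ($status['code'] == 200) {
                    $title = Yii::t('users', 'Almost Done!');
                    $message = Yii::t('users', 'Check your email at {email} for ' . 'further instructions to finish resetting your password.', array('{email}' => $request->email));
                } else {
                    // NOTE(review): the delivery error text is shown to an
                    // unauthenticated visitor; confirm it cannot carry mail
                    // server details.
                    $title = Yii::t('users', 'Could not send email.');
                    $message = Yii::t('users', 'Sending of the password reset verification email failed with message: {message}', array('{message}' => $status['message']));
                }
            }
        } else {
            if ($request->limitReached) {
                $scenario = 'message';
                $message = Yii::t('app', 'You have made too many requests to reset passwords. ' . 'Please wait one hour before trying again.');
            }
        }
    } else {
        if ($id !== null) {
            // User might have arrived here through the link in a reset email.
            $scenario = 'apply';
            $request = PasswordReset::model()->findByPk($id);
            if ($request instanceof PasswordReset && !$request->isExpired) {
                // Reset request record exists.
                $user = $request->user;
                if ($user instanceof User) {
                    // ...and is valid (points to an existing user)
                    //
                    // Default message: the password entry form (initial request)
                    $message = Yii::t('users', 'Enter a new password for user "{user}" ({name}):', array('{user}' => $user->alias, '{name}' => CHtml::encode($user->firstName . ' ' . $user->lastName)));
                    $resetForm = new PasswordResetForm($user);
                    if (isset($_POST['PasswordResetForm'])) {
                        // Handle the form submission:
                        $resetForm->setAttributes($_POST['PasswordResetForm']);
                        if ($resetForm->save()) {
                            // Done, success.
                            $scenario = 'message';
                            $title = Yii::t('users', 'Password Has Been Reset');
                            $message = Yii::t('users', 'You should now have access ' . 'as "{user}" with the new password specified.', array('{user}' => $user->alias));
                        }
                    }
                } else {
                    // Invalid request record; it does not correspond to an
                    // existing user, i.e. it's an "attempt" (entering an email
                    // address to see if that sticks).
                    $scenario = 'message';
                    $title = Yii::t('users', 'Access Denied');
                    $message = Yii::t('users', 'Invalid reset key.');
                }
            } else {
                $scenario = 'message';
                $title = Yii::t('users', 'Access Denied');
                // findByPk() yields no record for an unknown id, so the record
                // type is checked before isExpired is read; the earlier code
                // read the property on a missing record.
                if ($request instanceof PasswordReset && $request->isExpired) {
                    $message = Yii::t('users', 'The password reset link has expired.');
                } else {
                    $message = Yii::t('users', 'Invalid reset link.');
                }
            }
        }
    }

    $this->render('resetPassword', compact('scenario', 'title', 'message', 'request', 'resetForm'));
}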
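<?php

// "Forgot password" form handler: looks the submitted address up and, when an
// account exists, asks PasswordReset to send the reset link.

require_once '../Util/Database.php';
require_once '../Util/View.php';
require_once '../Util/Session.php';
require_once '../Models/PasswordReset.php';

$CF_MSG = "An email has been sent. Please follow the link to reset your password";
$ERR_MSG = "There is no account by that email";

// Accept only a scalar string; a missing or array-valued field becomes ''.
$email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';

$db = new Database();

// The address is bound as a parameter instead of being interpolated into the
// SQL text, so the submitted value cannot change the statement.
// NOTE(review): assumes Database exposes PDO's prepare(); the earlier code
// already treated the result of query() as a PDOStatement - confirm.
$query = $db->prepare('SELECT email FROM USERS WHERE email = :email');
$query->execute(array(':email' => $email));
$data = $query->fetch(PDO::FETCH_ASSOC);

// fetch() returns false when no row matches, so check the shape before indexing.
if (is_array($data) && $data['email'] === $email) {
    $password = new PasswordReset();
    if ($password->sendPasswordLink($email)) {
        $_SESSION['confirm_message'] = $CF_MSG;
        View::render('index.php');
    } else {
        $_SESSION['error_message'] = "Unable to process the request. Please try again later.";
        View::render('forgotpassword.php');
    }
} else {
    // NOTE(review): this message differs from the confirmation above, which
    // tells the requester whether an address has an account. Showing the
    // confirmation in both cases would remove that signal.
    $_SESSION['error_message'] = $ERR_MSG;
    View::render('forgotpassword.php');
}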
/**
 * Create a HTMLForm descriptor for the core login fields.
 *
 * Builds one descriptor set for signup and another for login, adds shared
 * defaults to the username and password fields, then appends optional
 * informational rows (legacy header, entry error, signup footer, password
 * reset link, create-account/login link). Fields marked 'raw' => true are
 * emitted as HTML, so their 'default' values are built from escaped or parsed
 * pieces (Html::element(), ->escaped(), ->parse()).
 *
 * @param FakeAuthTemplate $template B/C data (not used but needed by getBCFieldDefinitions)
 * @return array
 */
protected function getFieldDefinitions($template) {
    global $wgEmailConfirmToEdit, $wgLoginLanguageSelector;

    $isLoggedIn = $this->getUser()->isLoggedIn();
    // Message-key fragments: selected here, concatenated into keys below.
    $continuePart = $this->isContinued() ? 'continue-' : '';
    $anotherPart = $isLoggedIn ? 'another-' : '';
    $expiration = $this->getRequest()->getSession()->getProvider()->getRememberUserDuration();
    // Divides by the number of seconds in a day and rounds up.
    $expirationDays = ceil($expiration / (3600 * 24));

    $secureLoginLink = '';
    if ($this->mSecureLoginUrl) {
        $secureLoginLink = Html::element('a', ['href' => $this->mSecureLoginUrl, 'class' => 'mw-ui-flush-right mw-secure'], $this->msg('userlogin-signwithsecure')->text());
    }

    $usernameHelpLink = '';
    if (!$this->msg('createacct-helpusername')->isDisabled()) {
        $usernameHelpLink = Html::rawElement('span', ['class' => 'mw-ui-flush-right'], $this->msg('createacct-helpusername')->parse());
    }

    if ($this->isSignup()) {
        $fieldDefinitions = [
            'statusarea' => ['type' => 'info', 'raw' => true, 'default' => Html::element('div', ['id' => 'mw-createacct-status-area']), 'weight' => -105],
            'username' => ['label-raw' => $this->msg('userlogin-yourname')->escaped() . $usernameHelpLink, 'id' => 'wpName2', 'placeholder-message' => $isLoggedIn ? 'createacct-another-username-ph' : 'userlogin-yourname-ph'],
            'mailpassword' => ['type' => 'check', 'label-message' => 'createaccountmail', 'name' => 'wpCreateaccountMail', 'id' => 'wpCreateaccountMail'],
            'password' => ['id' => 'wpPassword2', 'placeholder-message' => 'createacct-yourpassword-ph', 'hide-if' => ['===', 'wpCreateaccountMail', '1']],
            'domain' => [],
            'retype' => ['baseField' => 'password', 'type' => 'password', 'label-message' => 'createacct-yourpasswordagain', 'id' => 'wpRetype', 'cssclass' => 'loginPassword', 'size' => 20, 'validation-callback' => function ($value, $alldata) {
                // The retype check applies only when a password was typed and
                // the "mail me a password" option is off.
                if (empty($alldata['mailpassword']) && !empty($alldata['password'])) {
                    if (!$value) {
                        return $this->msg('htmlform-required');
                    } elseif ($value !== $alldata['password']) {
                        return $this->msg('badretype');
                    }
                }
                return true;
            }, 'hide-if' => ['===', 'wpCreateaccountMail', '1'], 'placeholder-message' => 'createacct-yourpasswordagain-ph'],
            'email' => ['type' => 'email', 'label-message' => $wgEmailConfirmToEdit ? 'createacct-emailrequired' : 'createacct-emailoptional', 'id' => 'wpEmail', 'cssclass' => 'loginText', 'size' => '20', 'required' => $wgEmailConfirmToEdit, 'validation-callback' => function ($value, $alldata) {
                global $wgEmailConfirmToEdit;
                // AuthManager will check most of these, but that will make the auth
                // session fail and this won't, so nicer to do it this way
                if (!$value && $wgEmailConfirmToEdit) {
                    // no point in allowing registration without email when email is
                    // required to edit
                    return $this->msg('noemailtitle');
                } elseif (!$value && !empty($alldata['mailpassword'])) {
                    // cannot send password via email when there is no email address
                    return $this->msg('noemailcreate');
                } elseif ($value && !Sanitizer::validateEmail($value)) {
                    return $this->msg('invalidemailaddress');
                }
                return true;
            }, 'placeholder-message' => 'createacct-' . $anotherPart . 'email-ph'],
            'realname' => ['type' => 'text', 'help-message' => $isLoggedIn ? 'createacct-another-realname-tip' : 'prefs-help-realname', 'label-message' => 'createacct-realname', 'cssclass' => 'loginText', 'size' => 20, 'id' => 'wpRealName'],
            'reason' => ['type' => 'text', 'label-message' => 'createacct-reason', 'cssclass' => 'loginText', 'id' => 'wpReason', 'size' => '20', 'placeholder-message' => 'createacct-reason-ph'],
            'extrainput' => [],
            'createaccount' => ['type' => 'submit', 'default' => $this->msg('createacct-' . $anotherPart . $continuePart . 'submit')->text(), 'name' => 'wpCreateaccount', 'id' => 'wpCreateaccount', 'weight' => 100]];
    } else {
        $fieldDefinitions = [
            'username' => ['label-raw' => $this->msg('userlogin-yourname')->escaped() . $secureLoginLink, 'id' => 'wpName1', 'placeholder-message' => 'userlogin-yourname-ph'],
            'password' => ['id' => 'wpPassword1', 'placeholder-message' => 'userlogin-yourpassword-ph'],
            'domain' => [],
            'extrainput' => [],
            'rememberMe' => ['type' => 'check', 'name' => 'wpRemember', 'label-message' => $this->msg('userlogin-remembermypassword')->numParams($expirationDays), 'id' => 'wpRemember'],
            'loginattempt' => ['type' => 'submit', 'default' => $this->msg('pt-login-' . $continuePart . 'button')->text(), 'id' => 'wpLoginAttempt', 'weight' => 100],
            'linkcontainer' => ['type' => 'info', 'cssclass' => 'mw-form-related-link-container mw-userlogin-help', 'raw' => true, 'default' => Html::element('a', ['href' => Skin::makeInternalOrExternalUrl(wfMessage('helplogin-url')->inContentLanguage()->text())], $this->msg('userlogin-helplink2')->text()), 'weight' => 200],
            'skipReset' => ['weight' => 110, 'flags' => []]];
    }

    // `+=` only fills keys that the branch above left unset.
    $fieldDefinitions['username'] += ['type' => 'text', 'name' => 'wpName', 'cssclass' => 'loginText', 'size' => 20];
    $fieldDefinitions['password'] += ['type' => 'password', 'name' => 'wpPassword', 'cssclass' => 'loginPassword', 'size' => 20];

    if ($template->get('header') || $template->get('formheader')) {
        // B/C for old extensions that haven't been converted to AuthManager (or have been
        // but somebody is using the old version) and still use templates via the
        // UserCreateForm/UserLoginForm hook.
        // 'header' used by ConfirmEdit, CondfirmAccount, Persona, WikimediaIncubator, SemanticSignup
        // 'formheader' used by MobileFrontend
        // NOTE(review): the template value is emitted as raw HTML; it is only as
        // safe as the extension that supplied it.
        $fieldDefinitions['header'] = ['type' => 'info', 'raw' => true, 'default' => $template->get('header') ?: $template->get('formheader'), 'weight' => -110];
    }

    if ($this->mEntryError) {
        // NOTE(review): mEntryError is placed inside Html::rawElement() and the
        // field is raw, so it must already be safe HTML - confirm at the places
        // that assign it.
        $fieldDefinitions['entryError'] = ['type' => 'info', 'default' => Html::rawElement('div', ['class' => $this->mEntryErrorType . 'box'], $this->mEntryError), 'raw' => true, 'rawrow' => true, 'weight' => -100];
    }

    if (!$this->showExtraInformation()) {
        unset($fieldDefinitions['linkcontainer'], $fieldDefinitions['signupend']);
    }

    if ($this->isSignup() && $this->showExtraInformation()) {
        // blank signup footer for site customization
        // uses signupend-https for HTTPS requests if it's not blank, signupend otherwise
        $signupendMsg = $this->msg('signupend');
        $signupendHttpsMsg = $this->msg('signupend-https');
        if (!$signupendMsg->isDisabled()) {
            $usingHTTPS = $this->getRequest()->getProtocol() === 'https';
            $signupendText = $usingHTTPS && !$signupendHttpsMsg->isBlank() ? $signupendHttpsMsg->parse() : $signupendMsg->parse();
            $fieldDefinitions['signupend'] = ['type' => 'info', 'raw' => true, 'default' => Html::rawElement('div', ['id' => 'signupend'], $signupendText), 'weight' => 225];
        }
    }

    if (!$this->isSignup() && $this->showExtraInformation()) {
        $passwordReset = new PasswordReset($this->getConfig(), AuthManager::singleton());
        // The reset link is offered only when isAllowed() reports a good status.
        if ($passwordReset->isAllowed($this->getUser())->isGood()) {
            $fieldDefinitions['passwordReset'] = ['type' => 'info', 'raw' => true, 'cssclass' => 'mw-form-related-link-container', 'default' => Linker::link(SpecialPage::getTitleFor('PasswordReset'), $this->msg('userlogin-resetpassword-link')->escaped()), 'weight' => 230];
        }

        // Don't show a "create account" link if the user can't.
        if ($this->showCreateAccountLink()) {
            // link to the other action
            $linkTitle = $this->getTitleFor($this->isSignup() ? 'Userlogin' : 'CreateAccount');
            $linkq = $this->getReturnToQueryStringFragment();
            // Pass any language selection on to the mode switch link
            // NOTE(review): mLanguage is appended without URL-encoding; where it
            // is assigned is not visible here - confirm it is limited to valid
            // language codes.
            if ($wgLoginLanguageSelector && $this->mLanguage) {
                $linkq .= '&uselang=' . $this->mLanguage;
            }
            $loggedIn = $this->getUser()->isLoggedIn();
            // 'default' is a closure: the link is built from $params['linkQuery']
            // when the closure is invoked, not from $linkq captured here.
            $fieldDefinitions['createOrLogin'] = ['type' => 'info', 'raw' => true, 'linkQuery' => $linkq, 'default' => function ($params) use($loggedIn, $linkTitle) {
                return Html::rawElement('div', ['id' => 'mw-createaccount' . (!$loggedIn ? '-cta' : ''), 'class' => $loggedIn ? 'mw-form-related-link-container' : 'mw-ui-vform-field'], ($loggedIn ? '' : $this->msg('userlogin-noaccount')->escaped()) . Html::element('a', ['id' => 'mw-createaccount-join' . ($loggedIn ? '-loggedin' : ''), 'href' => $linkTitle->getLocalURL($params['linkQuery']), 'class' => $loggedIn ? '' : 'mw-ui-button', 'tabindex' => 100], $this->msg($loggedIn ? 'userlogin-createanother' : 'userlogin-joinproject')->escaped()));
            }, 'weight' => 235];
        }
    }

    $fieldDefinitions = $this->getBCFieldDefinitions($fieldDefinitions, $template);
    // array_filter() without a callback drops entries that are still empty,
    // such as 'domain' or 'extrainput' when nothing filled them in.
    $fieldDefinitions = array_filter($fieldDefinitions);

    return $fieldDefinitions;
}
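/**
 * Validate a password-reset submission, apply it through the password broker
 * and redirect to the edit page.
 *
 * The earlier body ended in a branch that compared an undefined $pass with the
 * stored hash and called dd() on both paths, so every request stopped with a
 * debug dump and the final redirect was never reached. That branch, together
 * with the unreachable PasswordReset::create() call that read an undefined
 * $input, has been removed.
 *
 * @param Request $request Must carry token, email, password and
 *     password_confirmation.
 * @return mixed The redirect response.
 */
public function storeResetPassword(Request $request)
{
    // Kept from the earlier body so a missing user record still fails the
    // request; only the removed debug branch read the loaded model.
    $id = Auth::user()->id;
    User::findOrFail($id);

    $this->validate($request, [
        'token' => 'required',
        'email' => 'required|email',
        'password' => 'required|confirmed',
    ]);

    $credentials = $request->only('email', 'password', 'password_confirmation', 'token');

    // The broker calls the closure only for a reset it accepts; the closure
    // stores a bcrypt hash of the new password and signs the user in.
    // NOTE(review): the broker's return value is not inspected, so a rejected
    // token redirects exactly like a successful reset - confirm whether the
    // failure should be reported to the user.
    $this->passwords->reset($credentials, function ($user, $password) {
        $user->password = bcrypt($password);
        $user->save();
        $this->auth->login($user);
    });

    // NOTE(review): '{home}' is sent literally in the redirect path; it looks
    // like an unfilled route placeholder - confirm.
    return redirect(trans('routes.locale') . '/home/{home}/edit');
}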