public function execute()
{
if (!$this->hasAnyRoutes()) {
$this->dieUsage('No password reset routes are available.', 'moduledisabled');
}
$params = $this->extractRequestParams() + ['user' => null, 'email' => null];
$this->requireOnlyOneParameter($params, 'user', 'email');
$passwordReset = new PasswordReset($this->getConfig(), AuthManager::singleton());
$status = $passwordReset->isAllowed($this->getUser(), $params['capture']);
if (!$status->isOK()) {
$this->dieStatus(Status::wrap($status));
}
$status = $passwordReset->execute($this->getUser(), $params['user'], $params['email'], $params['capture']);
if (!$status->isOK()) {
$status->value = null;
$this->dieStatus(Status::wrap($status));
}
$result = $this->getResult();
$result->addValue(['resetpassword'], 'status', 'success');
if ($params['capture']) {
$passwords = $status->getValue() ?: [];
ApiResult::setArrayType($passwords, 'kvp', 'user');
ApiResult::setIndexedTagName($passwords, 'p');
$result->addValue(['resetpassword'], 'passwords', $passwords);
}
}
public function validUserId()
{
$reset = new PasswordReset();
$reset->email = $this->user('testUser')->emailAddress;
$reset->validUserId('email');
$this->assertFalse($reset->hasErrors());
$this->assertEquals($this->user('testUser')->id, $reset->userId);
$reset = new PasswordReset();
$reset->email = '*****@*****.**';
$reset->validUserId('email');
$this->assertTrue($reset->hasErrors());
$this->assertEmpty($reset->userId);
}
/**
* Hide the password reset page if resets are disabled.
* @return bool
*/
public function isListed()
{
if ($this->passwordReset->isAllowed($this->getUser())->isGood()) {
return parent::isListed();
}
return false;
}
/**
* Save the associated user model
*
* Also, this clears out all password resets associated with the given user,
* if successful.
* @return type
*/
public function save()
{
if ($this->validate()) {
$this->userModel->password = PasswordUtil::createHash($this->password);
PasswordReset::model()->deleteAllByAttributes(array('userId' => $this->userModel->id));
return $this->userModel->update(array('password'));
}
return false;
}
public function testSave()
{
$user = $this->user('testUser');
$form = new PasswordResetForm($user);
$password = '******';
$form->password = $password;
$form->confirm = $form->password;
$form->save();
$user->refresh();
$this->assertTrue(PasswordUtil::validatePassword($password, $user->password));
$this->assertEquals(0, PasswordReset::model()->countByAttributes(array('userId' => $user->id)));
}
/**
* @dataProvider provideIsAllowed
*/
public function testIsAllowed($passwordResetRoutes, $enableEmail, $allowsAuthenticationDataChange, $canEditPrivate, $canSeePassword, $userIsBlocked, $isAllowed, $isAllowedToDisplayPassword)
{
$config = new HashConfig(['PasswordResetRoutes' => $passwordResetRoutes, 'EnableEmail' => $enableEmail]);
$authManager = $this->getMockBuilder(AuthManager::class)->disableOriginalConstructor()->getMock();
$authManager->expects($this->any())->method('allowsAuthenticationDataChange')->willReturn($allowsAuthenticationDataChange ? Status::newGood() : Status::newFatal('foo'));
$user = $this->getMock(User::class);
$user->expects($this->any())->method('getName')->willReturn('Foo');
$user->expects($this->any())->method('isBlocked')->willReturn($userIsBlocked);
$user->expects($this->any())->method('isAllowed')->will($this->returnCallback(function ($perm) use($canEditPrivate, $canSeePassword) {
if ($perm === 'editmyprivateinfo') {
return $canEditPrivate;
} elseif ($perm === 'passwordreset') {
return $canSeePassword;
} else {
$this->fail('Unexpected permission check');
}
}));
$passwordReset = new PasswordReset($config, $authManager);
$this->assertSame($isAllowed, $passwordReset->isAllowed($user)->isGood());
$this->assertSame($isAllowedToDisplayPassword, $passwordReset->isAllowed($user, true)->isGood());
}
public function testSave()
{
$user = $this->user('testUser');
$form = new PasswordResetForm($user);
$password = '******';
$form->password = $password;
$form->confirm = $form->password;
$form->save();
$user->refresh();
$this->assertTrue(PasswordUtil::validatePassword($password, $user->password));
$this->assertEquals(0, PasswordReset::model()->countByAttributes(array('userId' => $user->id)));
// Test validation as well, as a "bonus", since there needn't be any
// fixture loading for it, and it thus saves a few seconds when running
// the test:
$form = new PasswordResetForm($user);
$passwords = array(false => array('n#6', 'ninininini'), true => array('D83*@)1', 'this that and the next thing'));
foreach ($passwords as $good => $passes) {
foreach ($passes as $pass) {
$form->password = $pass;
$form->confirm = $pass;
$this->assertEquals($good, $form->validate(array('password')));
}
}
}
/**
* 密码重置
* @param string $username 学号
* @param string $idCard 密码
* @return bool
*/
public function passwordReset($username, $idCard)
{
$passwordReset = new PasswordReset($this->cookie);
return $passwordReset->set($username, $idCard);
}
private function send_forgot_password_email($user_id)
{
$this->load->library('email');
$this->load->helper('keygen');
$user = new User($user_id);
//////////////////////////////////////////////////
// Generate a unique code //
//////////////////////////////////////////////////
$code = keygen_generate(64);
$check = new PasswordReset();
$check->where('code', $code);
$check->get();
while ($check->exists()) {
$code = keygen_generate(64);
$check = new PasswordReset();
$check->where('code', $code);
$check->get();
}
$reset = $user->passwordreset;
$reset->get();
if ($reset->exists()) {
$reset->code = $code;
$reset->save();
} else {
$reset = new PasswordReset();
$reset->code = $code;
$reset->save($user);
}
$this->user_session->set_account_invalid();
$data['code'] = $reset->code;
$data['user'] = array('id' => $user->id, 'firstname' => $user->firstname, 'lastname' => $user->lastname, 'email' => $user->email);
$data['content'] = 'password_reset';
$message = $this->load->view('email_master', $data, true);
$this->email->from('*****@*****.**', 'OurVigor Support');
$this->email->to($user->email);
$this->email->subject('OurVigor Password Reset');
$this->email->message($message);
$this->email->send();
}
/**
* Generates a form from the given request.
* @param AuthenticationRequest[] $requests
* @param string $action AuthManager action name
* @param string|Message $msg
* @param string $msgType
* @return HTMLForm
*/
protected function getAuthForm(array $requests, $action, $msg = '', $msgType = 'error')
{
global $wgSecureLogin, $wgLoginLanguageSelector;
// FIXME merge this with parent
if (isset($this->authForm)) {
return $this->authForm;
}
$usingHTTPS = $this->getRequest()->getProtocol() === 'https';
// get basic form description from the auth logic
$fieldInfo = AuthenticationRequest::mergeFieldInfo($requests);
$fakeTemplate = $this->getFakeTemplate($msg, $msgType);
$this->fakeTemplate = $fakeTemplate;
// FIXME there should be a saner way to pass this to the hook
// this will call onAuthChangeFormFields()
$formDescriptor = static::fieldInfoToFormDescriptor($requests, $fieldInfo, $this->authAction);
$this->postProcessFormDescriptor($formDescriptor);
$context = $this->getContext();
if ($context->getRequest() !== $this->getRequest()) {
// We have overridden the request, need to make sure the form uses that too.
$context = new DerivativeContext($this->getContext());
$context->setRequest($this->getRequest());
}
$form = HTMLForm::factory('vform', $formDescriptor, $context);
$form->addHiddenField('authAction', $this->authAction);
if ($wgLoginLanguageSelector) {
$form->addHiddenField('uselang', $this->mLanguage);
}
$form->addHiddenField('force', $this->securityLevel);
$form->addHiddenField($this->getTokenName(), $this->getToken()->toString());
if ($wgSecureLogin) {
// If using HTTPS coming from HTTP, then the 'fromhttp' parameter must be preserved
if (!$this->isSignup()) {
$form->addHiddenField('wpForceHttps', (int) $this->mStickHTTPS);
$form->addHiddenField('wpFromhttp', $usingHTTPS);
}
}
// set properties of the form itself
$form->setAction($this->getPageTitle()->getLocalURL($this->getReturnToQueryStringFragment()));
$form->setName('userlogin' . ($this->isSignup() ? '2' : ''));
if ($this->isSignup()) {
$form->setId('userlogin2');
}
// add pre/post text
// header used by ConfirmEdit, CondfirmAccount, Persona, WikimediaIncubator, SemanticSignup
// should be above the error message but HTMLForm doesn't support that
$form->addHeaderText($fakeTemplate->html('header'));
// FIXME the old form used this for error/warning messages which does not play well with
// HTMLForm (maybe it could with a subclass?); for now only display it for signups
// (where the JS username validation needs it) and alway empty
if ($this->isSignup()) {
// used by the mediawiki.special.userlogin.signup.js module
$statusAreaAttribs = ['id' => 'mw-createacct-status-area'];
// $statusAreaAttribs += $msg ? [ 'class' => "{$msgType}box" ] : [ 'style' => 'display: none;' ];
$form->addHeaderText(Html::element('div', $statusAreaAttribs));
}
// header used by MobileFrontend
$form->addHeaderText($fakeTemplate->html('formheader'));
// blank signup footer for site customization
if ($this->isSignup() && $this->showExtraInformation()) {
// Use signupend-https for HTTPS requests if it's not blank, signupend otherwise
$signupendMsg = $this->msg('signupend');
$signupendHttpsMsg = $this->msg('signupend-https');
if (!$signupendMsg->isDisabled()) {
$signupendText = $usingHTTPS && !$signupendHttpsMsg->isBlank() ? $signupendHttpsMsg->parse() : $signupendMsg->parse();
$form->addPostText(Html::rawElement('div', ['id' => 'signupend'], $signupendText));
}
}
// warning header for non-standard workflows (e.g. security reauthentication)
if (!$this->isSignup() && $this->getUser()->isLoggedIn()) {
$reauthMessage = $this->securityLevel ? 'userlogin-reauth' : 'userlogin-loggedin';
$form->addHeaderText(Html::rawElement('div', ['class' => 'warningbox'], $this->msg($reauthMessage)->params($this->getUser()->getName())->parse()));
}
if (!$this->isSignup() && $this->showExtraInformation()) {
$passwordReset = new PasswordReset($this->getConfig(), AuthManager::singleton());
if ($passwordReset->isAllowed($this->getUser())) {
$form->addFooterText(Html::rawElement('div', ['class' => 'mw-ui-vform-field mw-form-related-link-container'], Linker::link(SpecialPage::getTitleFor('PasswordReset'), $this->msg('userlogin-resetpassword-link')->escaped())));
}
// Don't show a "create account" link if the user can't.
if ($this->showCreateAccountLink()) {
// link to the other action
$linkTitle = $this->getTitleFor($this->isSignup() ? 'Userlogin' : 'CreateAccount');
$linkq = $this->getReturnToQueryStringFragment();
// Pass any language selection on to the mode switch link
if ($wgLoginLanguageSelector && $this->mLanguage) {
$linkq .= '&uselang=' . $this->mLanguage;
}
$createOrLoginHref = $linkTitle->getLocalURL($linkq);
if ($this->getUser()->isLoggedIn()) {
$createOrLoginHtml = Html::rawElement('div', ['class' => 'mw-ui-vform-field'], Html::element('a', ['id' => 'mw-createaccount-join', 'href' => $createOrLoginHref, 'tabindex' => 100], $this->msg('userlogin-createanother')->escaped()));
} else {
$createOrLoginHtml = Html::rawElement('div', ['id' => 'mw-createaccount-cta', 'class' => 'mw-ui-vform-field'], $this->msg('userlogin-noaccount')->escaped() . Html::element('a', ['id' => 'mw-createaccount-join', 'href' => $createOrLoginHref, 'class' => 'mw-ui-button', 'tabindex' => 100], $this->msg('userlogin-joinproject')->escaped()));
}
$form->addFooterText($createOrLoginHtml);
}
}
$form->suppressDefaultSubmit();
$this->authForm = $form;
return $form;
}
$returnValue["message"] = "Missing email address";
echo json_encode($returnValue);
return;
}
$email = htmlentities($_POST["userEmail"]);
$dao = new MySQLDAO($dbhost, $dbuser, $dbpassword, $dbname);
$dao->openConnection();
// Check if email address is found in our database
$userDetails = $dao->getUserDetails($email);
if (empty($userDetails)) {
$returnValue["message"] = "Provided email address is not found in our database";
echo json_encode($returnValue);
return;
}
// Generate a unique string token
$passwordReset = new PasswordReset();
$passwordToken = $passwordReset->generateUniqueToken(16);
// Store unique token in our database
$user_id = $userDetails["user_id"];
$dao->storePasswordToken($user_id, $passwordToken);
// Prepare email message with Subject, Message, From, To...
$messageDetails = array();
$messageDetails["message_subject"] = "Password reset requested";
$messageDetails["to_email"] = $userDetails["email"];
$messageDetails["from_name"] = "Sergey Kargopolov";
$messageDetails["from_email"] = "*****@*****.**";
// Load email message html template and insert html link to click and beging parssword reset
$messageBody = $passwordReset->generateMessageBody();
$emailMessage = str_replace("{token}", $passwordToken, $messageBody);
$messageDetails["message_body"] = $emailMessage;
// Send out email message to user
/**
* Reset a user's password via a really basic email verification process
*
* @param type $id ID/key of the password recovery record
*/
public function actionResetPassword($id = null)
{
if (!Yii::app()->user->isGuest) {
$this->redirect(array('/profile/changePassword', 'id' => Yii::app()->user->id));
}
$this->layout = '//layouts/login';
$scenario = 'new';
$title = Yii::t('app', 'Reset Password');
$this->pageTitle = $title;
$message = Yii::t('app', 'Enter the email address associated with your user account to request a new password and username reminder.');
$request = new PasswordReset();
$resetForm = null;
if (isset($_POST['PasswordReset'])) {
// Submitting a password reset request
$request->setAttributes($_POST['PasswordReset']);
if ($request->save()) {
$request->setScenario('afterSave');
if (!$request->validate(array('email'))) {
// Create a new model. It is done this way (adding the
// validation error to a new model) so that there is a trail
// of reset request attempts that can be counted to determine
// if the user has made too many.
$oldRequest = $request;
$request = new $request();
$request->setAttributes($oldRequest->getAttributes(array('email')), false);
$request->addErrors($oldRequest->getErrors());
} else {
// A user with the corresponding email was found. Attempt to
// send the email and whatever happens, don't display the
// form again.
$scenario = 'message';
$mail = new EmailDeliveryBehavior();
$mail->credId = Credentials::model()->getDefaultUserAccount(Credentials::$sysUseId['systemNotificationEmail'], 'email');
// Compose the message & headers
$message = Yii::t('users', "You have requested to reset the password for user {user} in {appName}.", array('{user}' => $request->user->alias, '{appName}' => Yii::app()->settings->appName));
$message .= ' ' . Yii::t('users', "To finish resetting your password, please open the following link: ");
$message .= "<br /><br />" . $this->createAbsoluteUrl('/site/resetPassword') . '?' . http_build_query(array('id' => $request->id));
$message .= "<br /><br />" . Yii::t('users', "If you did not make this request, please disregard this email.");
$recipients = array('to' => array(array('', $request->email)));
// Send the email
$status = $mail->deliverEmail($recipients, Yii::app()->settings->appName . " password reset", $message);
// Set the response message accordingly.
if ($status['code'] == 200) {
$title = Yii::t('users', 'Almost Done!');
$message = Yii::t('users', 'Check your email at {email} for ' . 'further instructions to finish resetting your password.', array('{email}' => $request->email));
} else {
$title = Yii::t('users', 'Could not send email.');
$message = Yii::t('users', 'Sending of the password reset verification email failed with message: {message}', array('{message}' => $status['message']));
}
}
} else {
if ($request->limitReached) {
$scenario = 'message';
$message = Yii::t('app', 'You have made too many requests to reset passwords. ' . 'Please wait one hour before trying again.');
}
}
} else {
if ($id !== null) {
// User might have arrived here through the link in a reset email.
$scenario = 'apply';
$request = PasswordReset::model()->findByPk($id);
if ($request instanceof PasswordReset && !$request->isExpired) {
// Reset request record exists.
$user = $request->user;
if ($user instanceof User) {
// ...and is valid (points to an existing user)
//
// Default message: the password entry form (initial request)
$message = Yii::t('users', 'Enter a new password for user "{user}" ({name}):', array('{user}' => $user->alias, '{name}' => CHtml::encode($user->firstName . ' ' . $user->lastName)));
$resetForm = new PasswordResetForm($user);
if (isset($_POST['PasswordResetForm'])) {
// Handle the form submission:
$resetForm->setAttributes($_POST['PasswordResetForm']);
if ($resetForm->save()) {
// Done, success.
$scenario = 'message';
$title = Yii::t('users', 'Password Has Been Reset');
$message = Yii::t('users', 'You should now have access ' . 'as "{user}" with the new password specified.', array('{user}' => $user->alias));
}
}
} else {
// Invalid request record; it does not correspond to an
// existing user, i.e. it's an "attempt" (entering an email
// address to see if that sticks).
$scenario = 'message';
$title = Yii::t('users', 'Access Denied');
$message = Yii::t('users', 'Invalid reset key.');
}
} else {
$scenario = 'message';
$title = Yii::t('users', 'Access Denied');
if ($request->isExpired) {
$message = Yii::t('users', 'The password reset link has expired.');
} else {
$message = Yii::t('users', 'Invalid reset link.');
}
}
}
}
$this->render('resetPassword', compact('scenario', 'title', 'message', 'request', 'resetForm'));
}
<?php
require_once '../Util/Database.php';
require_once '../Util/View.php';
require_once '../Util/Session.php';
require_once '../Models/PasswordReset.php';
$CF_MSG = "An email has been sent. Please follow the link to reset your password";
$ERR_MSG = "There is no account by that email";
$email = trim($_POST['email']);
$db = new Database();
$query = $db->query("SElECT email FROM USERS where email = '{$email}' ");
$data = $query->fetch(PDO::FETCH_ASSOC);
if ($data['email'] === $email) {
$password = new PasswordReset();
if ($password->sendPasswordLink($email)) {
$_SESSION['confirm_message'] = $CF_MSG;
View::render('index.php');
} else {
$_SESSION['error_message'] = "Unable to process the request. Please try again later.";
View::render('forgotpassword.php');
}
} else {
$_SESSION['error_message'] = $ERR_MSG;
View::render('forgotpassword.php');
}
/**
* Create a HTMLForm descriptor for the core login fields.
* @param FakeAuthTemplate $template B/C data (not used but needed by getBCFieldDefinitions)
* @return array
*/
protected function getFieldDefinitions($template)
{
global $wgEmailConfirmToEdit, $wgLoginLanguageSelector;
$isLoggedIn = $this->getUser()->isLoggedIn();
$continuePart = $this->isContinued() ? 'continue-' : '';
$anotherPart = $isLoggedIn ? 'another-' : '';
$expiration = $this->getRequest()->getSession()->getProvider()->getRememberUserDuration();
$expirationDays = ceil($expiration / (3600 * 24));
$secureLoginLink = '';
if ($this->mSecureLoginUrl) {
$secureLoginLink = Html::element('a', ['href' => $this->mSecureLoginUrl, 'class' => 'mw-ui-flush-right mw-secure'], $this->msg('userlogin-signwithsecure')->text());
}
$usernameHelpLink = '';
if (!$this->msg('createacct-helpusername')->isDisabled()) {
$usernameHelpLink = Html::rawElement('span', ['class' => 'mw-ui-flush-right'], $this->msg('createacct-helpusername')->parse());
}
if ($this->isSignup()) {
$fieldDefinitions = ['statusarea' => ['type' => 'info', 'raw' => true, 'default' => Html::element('div', ['id' => 'mw-createacct-status-area']), 'weight' => -105], 'username' => ['label-raw' => $this->msg('userlogin-yourname')->escaped() . $usernameHelpLink, 'id' => 'wpName2', 'placeholder-message' => $isLoggedIn ? 'createacct-another-username-ph' : 'userlogin-yourname-ph'], 'mailpassword' => ['type' => 'check', 'label-message' => 'createaccountmail', 'name' => 'wpCreateaccountMail', 'id' => 'wpCreateaccountMail'], 'password' => ['id' => 'wpPassword2', 'placeholder-message' => 'createacct-yourpassword-ph', 'hide-if' => ['===', 'wpCreateaccountMail', '1']], 'domain' => [], 'retype' => ['baseField' => 'password', 'type' => 'password', 'label-message' => 'createacct-yourpasswordagain', 'id' => 'wpRetype', 'cssclass' => 'loginPassword', 'size' => 20, 'validation-callback' => function ($value, $alldata) {
if (empty($alldata['mailpassword']) && !empty($alldata['password'])) {
if (!$value) {
return $this->msg('htmlform-required');
} elseif ($value !== $alldata['password']) {
return $this->msg('badretype');
}
}
return true;
}, 'hide-if' => ['===', 'wpCreateaccountMail', '1'], 'placeholder-message' => 'createacct-yourpasswordagain-ph'], 'email' => ['type' => 'email', 'label-message' => $wgEmailConfirmToEdit ? 'createacct-emailrequired' : 'createacct-emailoptional', 'id' => 'wpEmail', 'cssclass' => 'loginText', 'size' => '20', 'required' => $wgEmailConfirmToEdit, 'validation-callback' => function ($value, $alldata) {
global $wgEmailConfirmToEdit;
// AuthManager will check most of these, but that will make the auth
// session fail and this won't, so nicer to do it this way
if (!$value && $wgEmailConfirmToEdit) {
// no point in allowing registration without email when email is
// required to edit
return $this->msg('noemailtitle');
} elseif (!$value && !empty($alldata['mailpassword'])) {
// cannot send password via email when there is no email address
return $this->msg('noemailcreate');
} elseif ($value && !Sanitizer::validateEmail($value)) {
return $this->msg('invalidemailaddress');
}
return true;
}, 'placeholder-message' => 'createacct-' . $anotherPart . 'email-ph'], 'realname' => ['type' => 'text', 'help-message' => $isLoggedIn ? 'createacct-another-realname-tip' : 'prefs-help-realname', 'label-message' => 'createacct-realname', 'cssclass' => 'loginText', 'size' => 20, 'id' => 'wpRealName'], 'reason' => ['type' => 'text', 'label-message' => 'createacct-reason', 'cssclass' => 'loginText', 'id' => 'wpReason', 'size' => '20', 'placeholder-message' => 'createacct-reason-ph'], 'extrainput' => [], 'createaccount' => ['type' => 'submit', 'default' => $this->msg('createacct-' . $anotherPart . $continuePart . 'submit')->text(), 'name' => 'wpCreateaccount', 'id' => 'wpCreateaccount', 'weight' => 100]];
} else {
$fieldDefinitions = ['username' => ['label-raw' => $this->msg('userlogin-yourname')->escaped() . $secureLoginLink, 'id' => 'wpName1', 'placeholder-message' => 'userlogin-yourname-ph'], 'password' => ['id' => 'wpPassword1', 'placeholder-message' => 'userlogin-yourpassword-ph'], 'domain' => [], 'extrainput' => [], 'rememberMe' => ['type' => 'check', 'name' => 'wpRemember', 'label-message' => $this->msg('userlogin-remembermypassword')->numParams($expirationDays), 'id' => 'wpRemember'], 'loginattempt' => ['type' => 'submit', 'default' => $this->msg('pt-login-' . $continuePart . 'button')->text(), 'id' => 'wpLoginAttempt', 'weight' => 100], 'linkcontainer' => ['type' => 'info', 'cssclass' => 'mw-form-related-link-container mw-userlogin-help', 'raw' => true, 'default' => Html::element('a', ['href' => Skin::makeInternalOrExternalUrl(wfMessage('helplogin-url')->inContentLanguage()->text())], $this->msg('userlogin-helplink2')->text()), 'weight' => 200], 'skipReset' => ['weight' => 110, 'flags' => []]];
}
$fieldDefinitions['username'] += ['type' => 'text', 'name' => 'wpName', 'cssclass' => 'loginText', 'size' => 20];
$fieldDefinitions['password'] += ['type' => 'password', 'name' => 'wpPassword', 'cssclass' => 'loginPassword', 'size' => 20];
if ($template->get('header') || $template->get('formheader')) {
// B/C for old extensions that haven't been converted to AuthManager (or have been
// but somebody is using the old version) and still use templates via the
// UserCreateForm/UserLoginForm hook.
// 'header' used by ConfirmEdit, CondfirmAccount, Persona, WikimediaIncubator, SemanticSignup
// 'formheader' used by MobileFrontend
$fieldDefinitions['header'] = ['type' => 'info', 'raw' => true, 'default' => $template->get('header') ?: $template->get('formheader'), 'weight' => -110];
}
if ($this->mEntryError) {
$fieldDefinitions['entryError'] = ['type' => 'info', 'default' => Html::rawElement('div', ['class' => $this->mEntryErrorType . 'box'], $this->mEntryError), 'raw' => true, 'rawrow' => true, 'weight' => -100];
}
if (!$this->showExtraInformation()) {
unset($fieldDefinitions['linkcontainer'], $fieldDefinitions['signupend']);
}
if ($this->isSignup() && $this->showExtraInformation()) {
// blank signup footer for site customization
// uses signupend-https for HTTPS requests if it's not blank, signupend otherwise
$signupendMsg = $this->msg('signupend');
$signupendHttpsMsg = $this->msg('signupend-https');
if (!$signupendMsg->isDisabled()) {
$usingHTTPS = $this->getRequest()->getProtocol() === 'https';
$signupendText = $usingHTTPS && !$signupendHttpsMsg->isBlank() ? $signupendHttpsMsg->parse() : $signupendMsg->parse();
$fieldDefinitions['signupend'] = ['type' => 'info', 'raw' => true, 'default' => Html::rawElement('div', ['id' => 'signupend'], $signupendText), 'weight' => 225];
}
}
if (!$this->isSignup() && $this->showExtraInformation()) {
$passwordReset = new PasswordReset($this->getConfig(), AuthManager::singleton());
if ($passwordReset->isAllowed($this->getUser())->isGood()) {
$fieldDefinitions['passwordReset'] = ['type' => 'info', 'raw' => true, 'cssclass' => 'mw-form-related-link-container', 'default' => Linker::link(SpecialPage::getTitleFor('PasswordReset'), $this->msg('userlogin-resetpassword-link')->escaped()), 'weight' => 230];
}
// Don't show a "create account" link if the user can't.
if ($this->showCreateAccountLink()) {
// link to the other action
$linkTitle = $this->getTitleFor($this->isSignup() ? 'Userlogin' : 'CreateAccount');
$linkq = $this->getReturnToQueryStringFragment();
// Pass any language selection on to the mode switch link
if ($wgLoginLanguageSelector && $this->mLanguage) {
$linkq .= '&uselang=' . $this->mLanguage;
}
$loggedIn = $this->getUser()->isLoggedIn();
$fieldDefinitions['createOrLogin'] = ['type' => 'info', 'raw' => true, 'linkQuery' => $linkq, 'default' => function ($params) use($loggedIn, $linkTitle) {
return Html::rawElement('div', ['id' => 'mw-createaccount' . (!$loggedIn ? '-cta' : ''), 'class' => $loggedIn ? 'mw-form-related-link-container' : 'mw-ui-vform-field'], ($loggedIn ? '' : $this->msg('userlogin-noaccount')->escaped()) . Html::element('a', ['id' => 'mw-createaccount-join' . ($loggedIn ? '-loggedin' : ''), 'href' => $linkTitle->getLocalURL($params['linkQuery']), 'class' => $loggedIn ? '' : 'mw-ui-button', 'tabindex' => 100], $this->msg($loggedIn ? 'userlogin-createanother' : 'userlogin-joinproject')->escaped()));
}, 'weight' => 235];
}
}
$fieldDefinitions = $this->getBCFieldDefinitions($fieldDefinitions, $template);
$fieldDefinitions = array_filter($fieldDefinitions);
return $fieldDefinitions;
}
public function storeResetPassword(Request $request)
{
$id = Auth::user()->id;
$user = User::findOrFail($id);
// $input = Request::all();
// $pass = $input['password_old'];
// $pass = bcrypt($pass);
//dd($pass, $user->password);
//dd($user->password);
$this->validate($request, ['token' => 'required', 'email' => 'required|email', 'password' => 'required|confirmed']);
$credentials = $request->only('email', 'password', 'password_confirmation', 'token');
$response = $this->passwords->reset($credentials, function ($user, $password) {
$user->password = bcrypt($password);
$user->save();
$this->auth->login($user);
});
if ($pass == $user->password) {
dd('норм');
$input['created_at'] = Carbon::now();
// $input['updated_at'] = Carbon::now();
$input['email'] = 'asd@asd.a';
dd($input);
PasswordReset::create($input);
} else {
dd('хлам');
return redirect(trans('routes.locale') . '/home/{home}/edit');
}
return redirect(trans('routes.locale') . '/home/{home}/edit');
}
