/**
 * Try to change the e-mail address stored for a user.
 *
 * Checks run in this order: address syntax, throttle, then (only when
 * $wgRequirePasswordforEmailChange is set) the supplied password. The
 * counter behind LoginForm::incLoginThrottle() is incremented before the
 * password is examined and is cleared again only after that step passed.
 *
 * @param $user User Account whose address is being changed
 * @param $pass string Password submitted with the request
 * @param $newaddr string Requested address; an empty string skips validation
 * @return bool|string true or string on success, false on failure
 */
protected function attemptChange(User $user, $pass, $newaddr)
{
    global $wgRequirePasswordforEmailChange;

    $hasAddress = ($newaddr != '');
    if ($hasAddress && !Sanitizer::validateEmail($newaddr)) {
        $this->error('invalidemailaddress');
        return false;
    }

    // A return value of exactly true means the limit has been reached.
    $throttleState = LoginForm::incLoginThrottle($user->getName());
    if ($throttleState === true) {
        $this->error('login-throttled');
        return false;
    }

    if ($wgRequirePasswordforEmailChange) {
        // Either a temporary or the regular password is accepted; the
        // regular one is only consulted when the temporary one fails.
        $passwordAccepted = $user->checkTemporaryPassword($pass)
            || $user->checkPassword($pass);
        if (!$passwordAccepted) {
            $this->error('wrongpassword');
            return false;
        }
    }

    if ($throttleState) {
        LoginForm::clearLoginThrottle($user->getName());
    }

    $previousAddress = $user->getEmail();
    $result = $user->setEmailWithConfirmation($newaddr);
    if (!$result->isGood()) {
        // The status text goes through parseInline() before being placed
        // in the error paragraph.
        $parsedError = $this->getOutput()->parseInline($result->getWikiText('mailerror'));
        $this->getOutput()->addHTML('<p class="error">' . $parsedError . '</p>');
        return false;
    }

    // Audit hook receives the account plus the old and new address.
    wfRunHooks('PrefsEmailAudit', array($user, $previousAddress, $newaddr));
    $user->saveSettings();

    return $result->value;
}
/**
 * Change the password of the account named in $this->mUserName.
 *
 * Sequence: resolve the account, compare the two copies of the new
 * password, increment the throttle, verify the old password, reject reuse
 * of the old password, run the AbortChangePassword hook, then store the
 * new password. Each rejection after account lookup, other than the
 * throttle and the reuse check, is reported to the PrefsPasswordAudit hook.
 *
 * @param string $oldpass Current (or temporary) password
 * @param string $newpass Requested new password
 * @param string $retype Confirmation of the new password
 * @throws PasswordError When cannot set the new password because requirements not met.
 */
protected function attemptReset($oldpass, $newpass, $retype)
{
    $isSelf = $this->mUserName === $this->getUser()->getName();
    $user = $isSelf ? $this->getUser() : User::newFromName($this->mUserName);

    if (!$user || $user->isAnon()) {
        throw new PasswordError($this->msg('nosuchusershort', $this->mUserName)->text());
    }

    if ($newpass !== $retype) {
        // Note: audit hook handlers are handed the candidate password itself.
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'badretype'));
        throw new PasswordError($this->msg('badretype')->text());
    }

    // Exactly true means the attempt limit has been reached.
    $throttleState = LoginForm::incLoginThrottle($this->mUserName);
    if ($throttleState === true) {
        $language = $this->getLanguage();
        $throttleSettings = $this->getConfig()->get('PasswordAttemptThrottle');
        $waitTime = $language->formatDuration($throttleSettings['seconds']);
        throw new PasswordError(
            $this->msg('changepassword-throttled')->params($waitTime)->text()
        );
    }

    // @todo Make these separate messages, since the message is written for both cases
    $oldPasswordAccepted = $user->checkTemporaryPassword($oldpass)
        || $user->checkPassword($oldpass);
    if (!$oldPasswordAccepted) {
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'wrongpassword'));
        throw new PasswordError($this->msg('resetpass-wrong-oldpass')->text());
    }

    // The new password may not simply repeat the old one.
    if ($oldpass === $newpass) {
        throw new PasswordError($this->msg('resetpass-recycled')->text());
    }

    // AbortChangePassword deliberately runs after the old password has been
    // verified, so that a hook rejecting the new password cannot leak
    // information to someone who has not proven knowledge of the old one.
    $abortMsg = 'resetpass-abort-generic';
    $hookAllows = wfRunHooks('AbortChangePassword', array($user, $oldpass, $newpass, &$abortMsg));
    if (!$hookAllows) {
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'abortreset'));
        throw new PasswordError($this->msg($abortMsg)->text());
    }

    // All checks passed: clear the throttle counter for this name.
    if ($throttleState) {
        LoginForm::clearLoginThrottle($this->mUserName);
    }

    try {
        $user->setPassword($newpass);
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'success'));
    } catch (PasswordError $failure) {
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'error'));
        throw new PasswordError($failure->getMessage());
    }

    if ($isSelf) {
        // Changing the password also modifies the user's token, so the
        // cookies are re-issued to keep the user connected. "Remember me"
        // is kept only if a Token cookie was present on the request.
        $remember = $this->getRequest()->getCookie('Token') !== null;
        $user->setCookies(null, null, $remember);
    }

    $user->resetPasswordExpiration();
    $user->saveSettings();
}
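/**
 * Change the password of the account named in $this->mUserName.
 *
 * The old password ($this->mOldpass) is verified BEFORE the
 * AbortChangePassword hook runs. With the hook first, its verdict on the
 * new password was returned to a requester who had not yet proven
 * knowledge of the current password.
 *
 * @param string $newpass Requested new password
 * @param string $retype Confirmation of the new password
 * @throws PasswordError when cannot set the new password because requirements not met.
 *  Also thrown for an unknown account, mismatching confirmation, an
 *  exhausted throttle, a wrong old password or a hook abort.
 */
protected function attemptReset($newpass, $retype)
{
    $user = User::newFromName($this->mUserName);
    if (!$user || $user->isAnon()) {
        throw new PasswordError($this->msg('nosuchusershort', $this->mUserName)->text());
    }

    if ($newpass !== $retype) {
        // Note: audit hook handlers are handed the candidate password itself.
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'badretype'));
        throw new PasswordError($this->msg('badretype')->text());
    }

    // The counter is incremented before the old password is examined;
    // exactly true means the attempt limit has been reached.
    $throttleCount = LoginForm::incLoginThrottle($this->mUserName);
    if ($throttleCount === true) {
        throw new PasswordError($this->msg('login-throttled')->text());
    }

    // Verify the old password first, so the hook below is only reached by
    // a requester who knows the current (or temporary) password.
    if (!$user->checkTemporaryPassword($this->mOldpass) && !$user->checkPassword($this->mOldpass)) {
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'wrongpassword'));
        throw new PasswordError($this->msg('resetpass-wrong-oldpass')->text());
    }

    $abortMsg = 'resetpass-abort-generic';
    if (!wfRunHooks('AbortChangePassword', array($user, $this->mOldpass, $newpass, &$abortMsg))) {
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'abortreset'));
        throw new PasswordError($this->msg($abortMsg)->text());
    }

    // Please reset throttle for successful logins, thanks!
    if ($throttleCount) {
        LoginForm::clearLoginThrottle($this->mUserName);
    }

    try {
        // NOTE(review): the stored value is $this->mNewpass while every check
        // above used $newpass; callers presumably pass the same value - confirm.
        $user->setPassword($this->mNewpass);
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'success'));
        // Drop the form's copies of the passwords once the change succeeded.
        $this->mNewpass = $this->mOldpass = $this->mRetypePass = '';
    } catch (PasswordError $e) {
        wfRunHooks('PrefsPasswordAudit', array($user, $newpass, 'error'));
        throw new PasswordError($e->getMessage());
    }

    $user->setCookies();
    $user->saveSettings();
}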
/**
 * Try to change the e-mail address stored for a user.
 *
 * Checks run in this order: address syntax, throttle, then (only when the
 * RequirePasswordforEmailChange setting is on) the supplied password.
 * Every failure is reported as a fatal Status instead of being printed.
 *
 * @param User $user Account whose address is being changed
 * @param string $pass Password submitted with the request
 * @param string $newaddr Requested address; an empty string skips validation
 * @return Status Fatal on rejection, otherwise the Status returned by
 *  User::setEmailWithConfirmation()
 */
private function attemptChange(User $user, $pass, $newaddr)
{
    global $wgAuth;

    $hasAddress = ($newaddr != '');
    if ($hasAddress && !Sanitizer::validateEmail($newaddr)) {
        return Status::newFatal('invalidemailaddress');
    }

    // Incremented before the password is examined; exactly true means the
    // attempt limit has been reached.
    $throttleState = LoginForm::incLoginThrottle($user->getName());
    if ($throttleState === true) {
        $language = $this->getLanguage();
        $throttleSettings = $this->getConfig()->get('PasswordAttemptThrottle');
        $waitTime = $language->formatDuration($throttleSettings['seconds']);
        return Status::newFatal('changeemail-throttled', $waitTime);
    }

    if ($this->getConfig()->get('RequirePasswordforEmailChange')) {
        // Either a temporary or the regular password is accepted; the
        // regular one is only consulted when the temporary one fails.
        $passwordAccepted = $user->checkTemporaryPassword($pass)
            || $user->checkPassword($pass);
        if (!$passwordAccepted) {
            return Status::newFatal('wrongpassword');
        }
    }

    if ($throttleState) {
        LoginForm::clearLoginThrottle($user->getName());
    }

    $previousAddress = $user->getEmail();
    $result = $user->setEmailWithConfirmation($newaddr);
    if (!$result->isGood()) {
        return $result;
    }

    // Audit hook receives the account plus the old and new address.
    Hooks::run('PrefsEmailAudit', array($user, $previousAddress, $newaddr));
    $user->saveSettings();
    $wgAuth->updateExternalDB($user);

    return $result;
}
/**
 * Try to change the e-mail address stored for a user.
 *
 * Checks run in this order: address syntax, throttle, supplied password.
 * In this variant the password is always required. The counter behind
 * LoginForm::incLoginThrottle() is incremented before the password is
 * examined and cleared only after it has been accepted.
 *
 * @param User $user Account whose address is being changed
 * @param string $pass Password submitted with the request
 * @param string $newaddr Requested address; an empty string skips validation
 * @return bool|string true or string on success, false on failure
 */
protected function attemptChange(User $user, $pass, $newaddr)
{
    $hasAddress = ($newaddr != '');
    if ($hasAddress && !Sanitizer::validateEmail($newaddr)) {
        $this->error('invalidemailaddress');
        return false;
    }

    // Exactly true means the attempt limit has been reached.
    $throttleState = LoginForm::incLoginThrottle($user->getName());
    if ($throttleState === true) {
        $this->error('login-throttled');
        return false;
    }

    // Either a temporary or the regular password is accepted; the regular
    // one is only consulted when the temporary one fails.
    $passwordAccepted = $user->checkTemporaryPassword($pass)
        || $user->checkPassword($pass);
    if (!$passwordAccepted) {
        $this->error('wrongpassword');
        return false;
    }

    if ($throttleState) {
        LoginForm::clearLoginThrottle($user->getName());
    }

    $outcome = Preferences::trySetUserEmail($user, $newaddr);
    $status = $outcome[0];
    $info = $outcome[1];

    if ($status !== true) {
        if ($status instanceof Status) {
            // The status text goes through parseInline() before being
            // placed in the error paragraph.
            $parsedError = $this->getOutput()->parseInline($status->getWikiText($info));
            $this->getOutput()->addHTML('<p class="error">' . $parsedError . '</p>');
        }
        return false;
    }

    $user->saveSettings();

    // A truthy $info is handed back as-is; otherwise plain true.
    return $info ?: true;
}
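/**
 * Change the password of the account named in $this->mUserName.
 *
 * The old password ($this->mOldpass) is verified BEFORE the
 * AbortChangePassword hook runs. With the hook first, its verdict on the
 * new password was returned to a requester who had not yet proven
 * knowledge of the current password.
 *
 * @param string $newpass Requested new password
 * @param string $retype Confirmation of the new password
 * @throws PasswordError when cannot set the new password because requirements not met.
 *  Also thrown for an unknown account, mismatching confirmation, an
 *  exhausted throttle, a wrong old password or a hook abort.
 */
protected function attemptReset( $newpass, $retype ) {
    global $wgPasswordAttemptThrottle;

    // Acting on one's own account reuses the session's User object.
    $isSelf = ( $this->mUserName === $this->getUser()->getName() );
    if ( $isSelf ) {
        $user = $this->getUser();
    } else {
        $user = User::newFromName( $this->mUserName );
    }

    if ( !$user || $user->isAnon() ) {
        throw new PasswordError( $this->msg( 'nosuchusershort', $this->mUserName )->text() );
    }

    if ( $newpass !== $retype ) {
        // Note: audit hook handlers are handed the candidate password itself.
        wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'badretype' ) );
        throw new PasswordError( $this->msg( 'badretype' )->text() );
    }

    // The counter is incremented before the old password is examined;
    // exactly true means the attempt limit has been reached.
    $throttleCount = LoginForm::incLoginThrottle( $this->mUserName );
    if ( $throttleCount === true ) {
        $lang = $this->getLanguage();
        throw new PasswordError( $this->msg( 'login-throttled' )
            ->params( $lang->formatDuration( $wgPasswordAttemptThrottle['seconds'] ) )
            ->text()
        );
    }

    // Verify the old password first, so the hook below is only reached by
    // a requester who knows the current (or temporary) password.
    if ( !$user->checkTemporaryPassword( $this->mOldpass )
        && !$user->checkPassword( $this->mOldpass )
    ) {
        wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) );
        throw new PasswordError( $this->msg( 'resetpass-wrong-oldpass' )->text() );
    }

    $abortMsg = 'resetpass-abort-generic';
    if ( !wfRunHooks( 'AbortChangePassword', array( $user, $this->mOldpass, $newpass, &$abortMsg ) ) ) {
        wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'abortreset' ) );
        throw new PasswordError( $this->msg( $abortMsg )->text() );
    }

    // Please reset throttle for successful logins, thanks!
    if ( $throttleCount ) {
        LoginForm::clearLoginThrottle( $this->mUserName );
    }

    try {
        // NOTE(review): the stored value is $this->mNewpass while every check
        // above used $newpass; callers presumably pass the same value - confirm.
        $user->setPassword( $this->mNewpass );
        wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'success' ) );
        // Drop the form's copies of the passwords once the change succeeded.
        $this->mNewpass = $this->mOldpass = $this->mRetype = '';
    } catch ( PasswordError $e ) {
        wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'error' ) );
        throw new PasswordError( $e->getMessage() );
    }

    if ( $isSelf ) {
        // This is needed to keep the user connected since
        // changing the password also modifies the user's token.
        $user->setCookies();
    }

    $user->saveSettings();
}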