silverstripe-framework/src/Security/MemberAuthenticator/ChangePasswordForm.php

<?php

namespace SilverStripe\Security\MemberAuthenticator;

use SilverStripe\Control\Session;
use SilverStripe\Control\RequestHandler;
use SilverStripe\Forms\FieldList;
use SilverStripe\Forms\FormField;
use SilverStripe\Forms\PasswordField;
use SilverStripe\Forms\FormAction;
use SilverStripe\Forms\HiddenField;
use SilverStripe\Forms\Form;
use SilverStripe\Security\Security;

/**
 * Standard Change Password Form
 */
class ChangePasswordForm extends Form
{
    /**
     * Constructor
     *
     * @param RequestHandler $controller The parent controller, necessary to create the appropriate form action tag.
     * @param string $name The method on the controller that will return this form object.
     * @param FieldList|FormField $fields All of the fields in the form - a {@link FieldList} of
     * {@link FormField} objects.
     * @param FieldList|FormAction $actions All of the action buttons in the form - a {@link FieldList} of
     */
    public function __construct($controller, $name, $fields = null, $actions = null)
    {
        $backURL = $controller->getBackURL() ?: Session::get('BackURL');

        if (!$fields) {
            $fields = new FieldList();

            // Security/changepassword?h=XXX redirects to Security/changepassword
            // without GET parameter to avoid potential HTTP referer leakage.
            // In this case, a user is not logged in, and no 'old password' should be necessary.
            if (Security::getCurrentUser()) {
                $fields->push(new PasswordField("OldPassword", _t('SilverStripe\\Security\\Member.YOUROLDPASSWORD', "Your old password")));
            }

            $fields->push(new PasswordField("NewPassword1", _t('SilverStripe\\Security\\Member.NEWPASSWORD', "New Password")));
            $fields->push(new PasswordField("NewPassword2", _t('SilverStripe\\Security\\Member.CONFIRMNEWPASSWORD', "Confirm New Password")));
        }
        if (!$actions) {
            $actions = new FieldList(
                new FormAction("doChangePassword", _t('SilverStripe\\Security\\Member.BUTTONCHANGEPASSWORD', "Change Password"))
            );
        }

        if ($backURL) {
            $fields->push(new HiddenField('BackURL', false, $backURL));
        }

        parent::__construct($controller, $name, $fields, $actions);
    }

    /**
     * @return ChangePasswordHandler
     */
    protected function buildRequestHandler()
    {
        return ChangePasswordHandler::create($this);
    }
}
Moved Sapphire module to open source path git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@39001 467b73ca-7a2a-4603-9d3b-597d59a354a9 2007-07-19 10:40:28 +00:00			`<?php`
API Apply Framework\Security namespace 2016-06-23 11:37:22 +12:00
Refactoring of authenticators Further down the line, I'm only returning the `Member` on the doLogin, so it's possible for the Handler or Extending Handler to move to a second step. Also cleaned up some minor typos I ran in to. Nothing major. This solution works and is manually tested for now. Supports multiple login forms that end up in the correct handler. I haven't gotten past the handler yet, as I've yet to refactor my Yubiauth implementation. FIX: Corrections to the multi-login-form support. Importantly, the system provide a URL-space for each handler, e.g. “Security/login/default” and “Security/login/other”. This is much cleaner than identifying the active authenticator by a get parameter, and means that the tabbed interface is only needed on the very first view. Note that you can test this without a module simply by loading the default authenticator twice: SilverStripe\Security\Security: authenticators: default: SilverStripe\Security\MemberAuthenticator\Authenticator other: SilverStripe\Security\MemberAuthenticator\Authenticator FIX: Refactor delegateToHandler / delegateToHandlers to have less duplicated code. 2017-04-22 16:30:10 +12:00			`namespace SilverStripe\Security\MemberAuthenticator;`
API Apply Framework\Security namespace 2016-06-23 11:37:22 +12:00
API Namespace all classes Namespace all templates Move difflib and BBCodeParser2 to thirdparty Remove deprecated API marked for removal in 4.0 2016-08-19 10:51:35 +12:00			`use SilverStripe\Control\Session;`
API Refactor Form request handling into FormRequestHandler API Add HasRequestHandler interface API Refactor Link() and url handling behaviour from Controller into RequestHandler API RequestHandler classes now must define url_segment to have a default Link() API Clean up redirectBack() 2017-03-02 15:24:38 +13:00			`use SilverStripe\Control\RequestHandler;`
API Namespace all classes Namespace all templates Move difflib and BBCodeParser2 to thirdparty Remove deprecated API marked for removal in 4.0 2016-08-19 10:51:35 +12:00			`use SilverStripe\Forms\FieldList;`
			`use SilverStripe\Forms\FormField;`
			`use SilverStripe\Forms\PasswordField;`
			`use SilverStripe\Forms\FormAction;`
			`use SilverStripe\Forms\HiddenField;`
			`use SilverStripe\Forms\Form;`
Separate out the log-out handling. Repairing tests and regressions Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()` Fix for the logout handler to properly logout, some minor wording updates Remove the login hashes for the member when logging out. BasicAuth to use `HTTPRequest` 2017-05-20 16:32:25 +12:00			`use SilverStripe\Security\Security;`
API Apply Framework\Security namespace 2016-06-23 11:37:22 +12:00
mlanthaler: Newly implemented "I've lost my password" feature that works also with encrypted passwords (ticket #48). There are some (cosmetically) things that should be fixed, but everything work as it should. Will fix those things after my vacation. (merged from branches/gsoc) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@41976 467b73ca-7a2a-4603-9d3b-597d59a354a9 2007-09-16 00:32:48 +00:00			`/**`
			`* Standard Change Password Form`
			`*/`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`class ChangePasswordForm extends Form`
			`{`
			`/**`
			`* Constructor`
			`*`
API Refactor Form request handling into FormRequestHandler API Add HasRequestHandler interface API Refactor Link() and url handling behaviour from Controller into RequestHandler API RequestHandler classes now must define url_segment to have a default Link() API Clean up redirectBack() 2017-03-02 15:24:38 +13:00			`* @param RequestHandler $controller The parent controller, necessary to create the appropriate form action tag.`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`* @param string $name The method on the controller that will return this form object.`
			`* @param FieldList\|FormField $fields All of the fields in the form - a {@link FieldList} of`
			`* {@link FormField} objects.`
			`* @param FieldList\|FormAction $actions All of the action buttons in the form - a {@link FieldList} of`
			`*/`
			`public function __construct($controller, $name, $fields = null, $actions = null)`
			`{`
API Refactor Form request handling into FormRequestHandler API Add HasRequestHandler interface API Refactor Link() and url handling behaviour from Controller into RequestHandler API RequestHandler classes now must define url_segment to have a default Link() API Clean up redirectBack() 2017-03-02 15:24:38 +13:00			`$backURL = $controller->getBackURL() ?: Session::get('BackURL');`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00
			`if (!$fields) {`
			`$fields = new FieldList();`

			`// Security/changepassword?h=XXX redirects to Security/changepassword`
			`// without GET parameter to avoid potential HTTP referer leakage.`
			`// In this case, a user is not logged in, and no 'old password' should be necessary.`
Separate out the log-out handling. Repairing tests and regressions Consistently use `Security::getCurrentUser()` and `Security::setCurrentUser()` Fix for the logout handler to properly logout, some minor wording updates Remove the login hashes for the member when logging out. BasicAuth to use `HTTPRequest` 2017-05-20 16:32:25 +12:00			`if (Security::getCurrentUser()) {`
Ran upgrader for lang files 2017-04-20 13:15:24 +12:00			`$fields->push(new PasswordField("OldPassword", _t('SilverStripe\\Security\\Member.YOUROLDPASSWORD', "Your old password")));`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`}`

Ran upgrader for lang files 2017-04-20 13:15:24 +12:00			`$fields->push(new PasswordField("NewPassword1", _t('SilverStripe\\Security\\Member.NEWPASSWORD', "New Password")));`
			`$fields->push(new PasswordField("NewPassword2", _t('SilverStripe\\Security\\Member.CONFIRMNEWPASSWORD', "Confirm New Password")));`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`}`
			`if (!$actions) {`
			`$actions = new FieldList(`
Ran upgrader for lang files 2017-04-20 13:15:24 +12:00			`new FormAction("doChangePassword", _t('SilverStripe\\Security\\Member.BUTTONCHANGEPASSWORD', "Change Password"))`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`);`
			`}`

API Refactor Form request handling into FormRequestHandler API Add HasRequestHandler interface API Refactor Link() and url handling behaviour from Controller into RequestHandler API RequestHandler classes now must define url_segment to have a default Link() API Clean up redirectBack() 2017-03-02 15:24:38 +13:00			`if ($backURL) {`
			`$fields->push(new HiddenField('BackURL', false, $backURL));`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`}`

			`parent::__construct($controller, $name, $fields, $actions);`
			`}`

			`/**`
API Refactor Form request handling into FormRequestHandler API Add HasRequestHandler interface API Refactor Link() and url handling behaviour from Controller into RequestHandler API RequestHandler classes now must define url_segment to have a default Link() API Clean up redirectBack() 2017-03-02 15:24:38 +13:00			`* @return ChangePasswordHandler`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`*/`
API Refactor Form request handling into FormRequestHandler API Add HasRequestHandler interface API Refactor Link() and url handling behaviour from Controller into RequestHandler API RequestHandler classes now must define url_segment to have a default Link() API Clean up redirectBack() 2017-03-02 15:24:38 +13:00			`protected function buildRequestHandler()`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`{`
API Refactor Form request handling into FormRequestHandler API Add HasRequestHandler interface API Refactor Link() and url handling behaviour from Controller into RequestHandler API RequestHandler classes now must define url_segment to have a default Link() API Clean up redirectBack() 2017-03-02 15:24:38 +13:00			`return ChangePasswordHandler::create($this);`
PSR2: Whitespace-only changes 2016-11-29 12:31:16 +13:00			`}`
Moved Sapphire module to open source path git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@39001 467b73ca-7a2a-4603-9d3b-597d59a354a9 2007-07-19 10:40:28 +00:00			`}`