Index: Desktop/SVN/phase3/includes/User.php =================================================================== --- Desktop/SVN/phase3/includes/User.php (revision 45191) +++ Desktop/SVN/phase3/includes/User.php (working copy) @@ -2704,9 +2704,19 @@ * sent by e-mail for password reset operations. * @return \bool True if matches, false otherwise */ - function checkTemporaryPassword( $plaintext ) { - return self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ); - } + function checkTemporaryPassword( $plaintext ) { + if( self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ) { + $this->load(); + $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry; + return ( time() < $expiry ); + } else { + return false; + } + } /** * Initialize (if necessary) and return a session token value Index: Desktop/SVN/phase3/includes/DefaultSettings.php =================================================================== --- Desktop/SVN/phase3/includes/DefaultSettings.php (revision 45191) +++ Desktop/SVN/phase3/includes/DefaultSettings.php (working copy) @@ -521,6 +521,12 @@ $wgPasswordReminderResendTime = 24; /** + * The time, in seconds, when an emailed temporary password expires. + */ +$wgNewPasswordExpiry = 604800; + + +/** * SMTP Mode * For using a direct (authenticated) SMTP server connection. * Default to false or fill an array : Index: Desktop/SVN/phase3/includes/specials/SpecialUserlogin.php =================================================================== --- Desktop/SVN/phase3/includes/specials/SpecialUserlogin.php (revision 45191) +++ Desktop/SVN/phase3/includes/specials/SpecialUserlogin.php (working copy) @@ -654,7 +654,7 @@ * @private */ function mailPasswordInternal( $u, $throttle = true, $emailTitle = 'passwordremindertitle', $emailText = 'passwordremindertext' ) { - global $wgServer, $wgScript, $wgUser; + global $wgServer, $wgScript, $wgUser, $wgNewPasswordExpiry; if ( '' == $u->getEmail() ) { return new WikiError( wfMsg( 'noemail', $u->getName() ) ); @@ -670,7 +670,7 @@ $u->setNewpassword( $np, $throttle ); $u->saveSettings(); - $m = wfMsg( $emailText, $ip, $u->getName(), $np, $wgServer . $wgScript ); + $m = wfMsg( $emailText, $ip, $u->getName(), $np, $wgServer . $wgScript, round( $wgNewPasswordExpiry / 86400 ) ); $result = $u->sendMail( wfMsg( $emailTitle ), $m ); return $result; Index: Desktop/SVN/phase3/languages/messages/MessagesEn.php =================================================================== --- Desktop/SVN/phase3/languages/messages/MessagesEn.php (revision 45191) +++ Desktop/SVN/phase3/languages/messages/MessagesEn.php (working copy) @@ -938,6 +938,7 @@ password for {{SITENAME}} ($4). A temporary password for user "$2" has been created and was set to "$3". If this was your intent, you will need to log in and choose a new password now. +Your temporary password will expire in {{PLURAL:$5|one day|$5 days}}. If someone else made this request, or if you have remembered your password, and you no longer wish to change it, you may ignore this message and