
@TheCatPlusPlus
Created March 28, 2014 13:34
diff -Nruw -x messages -x '*.png' -x '*.jpg' -x '*.xcf' -x '*.gif' -x '*.svg' -x '*.tiff' -x '*.zip' -x '*.xmp' -x '.git*' mediawiki-1.22.4/includes/specials/SpecialChangePassword.php mediawiki-1.22.5/includes/specials/SpecialChangePassword.php
--- mediawiki-1.22.4/includes/specials/SpecialChangePassword.php 2014-03-28 00:04:50.936847765 +0000
+++ mediawiki-1.22.5/includes/specials/SpecialChangePassword.php 2014-03-28 00:01:51.189782366 +0000
@@ -52,6 +52,11 @@
$this->mDomain = $request->getVal( 'wpDomain' );
$user = $this->getUser();
+
+ if ( !$user->isLoggedIn() && !LoginForm::getLoginToken() ) {
+ LoginForm::setLoginToken();
+ }
+
if ( !$request->wasPosted() && !$user->isLoggedIn() ) {
$this->error( $this->msg( 'resetpass-no-info' )->text() );
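Review bot: The new block that seeds a login token for anonymous visitors carries no comment saying why this special page needs one, and the reason is only discoverable from a later hunk; a one-liner such as `// Anonymous users need a login token here so the form and its POST handler share a CSRF check (bug 62497)` would keep the intent local. Its placement ahead of the `wasPosted()` check below is what matters: a POST arriving in a session that has no token yet is presumably then compared against a freshly generated value rather than an empty one, so the ordering should not be changed casually. The enclosing execute() starts and ends outside this hunk.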
@@ -81,6 +86,14 @@
return;
}
+ if ( !$user->isLoggedIn()
+ && $request->getVal( 'wpLoginOnChangeToken' ) !== LoginForm::getLoginToken()
+ ) {
+ // Potential CSRF (bug 62497)
+ $this->error( $this->msg( 'sessionfailure' )->text() );
+ return false;
+ }
+
$this->attemptReset( $this->mNewpass, $this->mRetype );
if ( $user->isLoggedIn() ) {
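Review bot: The token check compares the submitted `wpLoginOnChangeToken` with the session token via plain `!==`, which is not a constant-time comparison; where the project's minimum PHP version allows it, `if ( !$user->isLoggedIn() && !hash_equals( LoginForm::getLoginToken(), (string)$request->getVal( 'wpLoginOnChangeToken' ) ) ) {` is the safer form, the `(string)` cast covering the null that `getVal()` returns when the field is absent. This branch also exits with `return false;` while the visible error path a few lines above exits with `return;`; using `return;` here keeps the method's return convention consistent. The enclosing function starts and ends outside this hunk.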
@@ -157,6 +170,9 @@
'wpName' => $this->mUserName,
'wpDomain' => $this->mDomain,
) + $this->getRequest()->getValues( 'returnto', 'returntoquery' );
+ if ( !$user->isLoggedIn() ) {
+ $hiddenFields['wpLoginOnChangeToken'] = LoginForm::getLoginToken();
+ }
$hiddenFieldsStr = '';
foreach ( $hiddenFields as $fieldname => $fieldvalue ) {
$hiddenFieldsStr .= Html::hidden( $fieldname, $fieldvalue ) . "\n";
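Review bot: The added `if ( !$user->isLoggedIn() )` relies on a local `$user` that is not assigned anywhere in this hunk, while the neighbouring line reaches the request through `$this->getRequest()`; since the enclosing function begins outside the hunk, confirm that it assigns `$user = $this->getUser();` earlier, or write the guard as `if ( !$this->getUser()->isLoggedIn() ) {` so it cannot depend on that. The anonymous-only condition does match the one used by the POST-side check in the earlier hunk, which is what makes the hidden field and the verification agree.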