search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Special:Upload should not crash on failing previews
[mediawiki.git] / includes / specials / SpecialCreateAccount.php
blob73beafce0f5ece6a1e732256de2ca7c1d25de260
1 <?php
2 /**
3 * Implements Special:CreateAccount
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 use MediaWiki\Auth\AuthManager;
25 use MediaWiki\Logger\LoggerFactory;
26
27 /**
28 * Implements Special:CreateAccount
29 *
30 * @ingroup SpecialPage
31 */
32 class SpecialCreateAccount extends LoginSignupSpecialPage {
33 protected static $allowedActions = [
34 AuthManager::ACTION_CREATE,
35 AuthManager::ACTION_CREATE_CONTINUE
36 ];
37
38 protected static $messages = [
39 'authform-newtoken' => 'nocookiesfornew',
40 'authform-notoken' => 'sessionfailure',
41 'authform-wrongtoken' => 'sessionfailure',
42 ];
43
44 public function __construct() {
45 parent::__construct( 'CreateAccount' );
46 }
47
48 public function doesWrites() {
49 return true;
50 }
51
52 public function isRestricted() {
53 return !User::groupHasPermission( '*', 'createaccount' );
54 }
55
56 public function userCanExecute( User $user ) {
57 return $user->isAllowed( 'createaccount' );
58 }
59
60 public function checkPermissions() {
61 parent::checkPermissions();
62
63 $user = $this->getUser();
64 $status = AuthManager::singleton()->checkAccountCreatePermissions( $user );
65 if ( !$status->isGood() ) {
66 throw new ErrorPageError( 'createacct-error', $status->getMessage() );
67 }
68 }
69
70 protected function getLoginSecurityLevel() {
71 return false;
72 }
73
74 protected function getDefaultAction( $subPage ) {
75 return AuthManager::ACTION_CREATE;
76 }
77
78 public function getDescription() {
79 return $this->msg( 'createaccount' )->text();
80 }
81
82 protected function isSignup() {
83 return true;
84 }
85
86 /**
87 * Run any hooks registered for logins, then display a message welcoming
88 * the user.
89 * @param bool $direct True if the action was successful just now; false if that happened
90 * pre-redirection (so this handler was called already)
91 * @param StatusValue|null $extraMessages
92 */
93 protected function successfulAction( $direct = false, $extraMessages = null ) {
94 $session = $this->getRequest()->getSession();
95 $user = $this->targetUser ?: $this->getUser();
96
97 if ( $direct ) {
98 # Only save preferences if the user is not creating an account for someone else.
99 if ( !$this->proxyAccountCreation ) {
100 Hooks::run( 'AddNewAccount', [ $user, false ] );
101
102 // If the user does not have a session cookie at this point, they probably need to
103 // do something to their browser.
104 if ( !$this->hasSessionCookie() ) {
105 $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );
106 // TODO something more specific? This used to use nocookiesnew
107 // FIXME should redirect to login page instead?
108 return;
109 }
110 } else {
111 $byEmail = false; // FIXME no way to set this
112
113 Hooks::run( 'AddNewAccount', [ $user, $byEmail ] );
114
115 $out = $this->getOutput();
116 $out->setPageTitle( $this->msg( $byEmail ? 'accmailtitle' : 'accountcreated' ) );
117 if ( $byEmail ) {
118 $out->addWikiMsg( 'accmailtext', $user->getName(), $user->getEmail() );
119 } else {
120 $out->addWikiMsg( 'accountcreatedtext', $user->getName() );
121 }
122
123 $rt = Title::newFromText( $this->mReturnTo );
124 $out->addReturnTo(
125 ( $rt && !$rt->isExternal() ) ? $rt : $this->getPageTitle(),
126 wfCgiToArray( $this->mReturnToQuery )
127 );
128 return;
129 }
130 }
131
132 $this->clearToken();
133
134 # Run any hooks; display injected HTML
135 $injected_html = '';
136 $welcome_creation_msg = 'welcomecreation-msg';
137 Hooks::run( 'UserLoginComplete', [ &$user, &$injected_html, $direct ] );
138
139 /**
140 * Let any extensions change what message is shown.
141 * @see https://www.mediawiki.org/wiki/Manual:Hooks/BeforeWelcomeCreation
142 * @since 1.18
143 */
144 Hooks::run( 'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );
145
146 $this->showSuccessPage( 'signup', $this->msg( 'welcomeuser', $this->getUser()->getName() ),
147 $welcome_creation_msg, $injected_html, $extraMessages );
148 }
149
150 protected function getToken() {
151 return $this->getRequest()->getSession()->getToken( '', 'createaccount' );
152 }
153
154 protected function clearToken() {
155 return $this->getRequest()->getSession()->resetToken( 'createaccount' );
156 }
157
158 protected function getTokenName() {
159 return 'wpCreateaccountToken';
160 }
161
162 protected function getGroupName() {
163 return 'login';
164 }
165
166 protected function logAuthResult( $success, $status = null ) {
167 LoggerFactory::getInstance( 'authevents' )->info( 'Account creation attempt', [
168 'event' => 'accountcreation',
169 'successful' => $success,
170 'status' => $status,
171 ] );
172 }
173 }
MediaWiki Core