search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Imported latest features from the stable branch
[mediawiki.git] / includes / SpecialUserlogin.php
blob28d6d2d7d19899b9bf9caa4ec4cc60ce345b531d
1 <?
2
3 function wfSpecialUserlogin()
4 {
5 global $wpCreateaccount, $wpCreateaccountMail;
6 global $wpLoginattempt, $wpMailmypassword;
7 global $action;
8
9 $fields = array( "wpName", "wpPassword", "wpName",
10 "wpPassword", "wpRetype", "wpEmail" );
11 wfCleanFormFields( $fields );
12
13 if ( isset( $wpCreateaccount ) ) {
14 addNewAccount();
15 } else if ( isset( $wpCreateaccountMail ) ) {
16 addNewAccountMailPassword();
17 } else if ( isset( $wpMailmypassword ) ) {
18 mailPassword();
19 } else if ( "submit" == $action || isset( $wpLoginattempt ) ) {
20 processLogin();
21 } else {
22 mainLoginForm( "" );
23 }
24 }
25
26
27 /* private */ function addNewAccountMailPassword()
28 {
29 global $wgOut, $wpEmail, $wpName;
30
31 if ("" == $wpEmail) {
32 $m = str_replace( "$1", $wpName, wfMsg( "noemail" ) );
33 mainLoginForm( $m );
34 return;
35 }
36
37 $u = addNewaccountInternal();
38
39 if ($u == NULL) {
40 return;
41 }
42
43 $u->saveSettings();
44 if (mailPasswordInternal($u) == NULL)
45 {
46 return;
47 }
48
49 $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
50 $wgOut->setRobotpolicy( "noindex,nofollow" );
51 $wgOut->setArticleFlag( false );
52
53 $m = str_replace( "$1", $u->getName(), wfMsg( "accmailtext" ) );
54 $m = str_replace( "$2", $u->getEmail(), $m );
55 $wgOut->addWikiText( $m );
56 $wgOut->returnToMain( false );
57
58 $u = 0;
59 }
60
61
62 /* private */ function addNewAccount()
63 {
64 global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
65 global $wpEmail, $wgDeferredUpdateList;
66
67 $u = addNewAccountInternal();
68
69 if ($u == NULL) {
70 return;
71 }
72
73 $wgUser = $u;
74 $m = str_replace( "$1", $wgUser->getName(), wfMsg( "welcomecreation" ) );
75 successfulLogin( $m );
76 }
77
78
79 /* private */ function addNewAccountInternal()
80 {
81 global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
82 global $wpEmail, $wgDeferredUpdateList;
83
84 if (!$wgUser->isAllowedToCreateAccount()) {
85 userNotPrivilegedMessage();
86 return;
87 }
88
89 if ( 0 != strcmp( $wpPassword, $wpRetype ) ) {
90 mainLoginForm( wfMsg( "badretype" ) );
91 return;
92 }
93 $wpName = trim( $wpName );
94 if ( ( "" == $wpName ) ||
95 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $wpName ) ||
96 (strpos( $wpName, "/" ) !== false) )
97 {
98 mainLoginForm( wfMsg( "noname" ) );
99 return;
100 }
101 if ( wfReadOnly() ) {
102 $wgOut->readOnlyPage();
103 return;
104 }
105 $u = User::newFromName( $wpName );
106
107 if ( 0 != $u->idForName() ) {
108 mainLoginForm( wfMsg( "userexists" ) );
109 return;
110 }
111 $u->addToDatabase();
112 $u->setPassword( $wpPassword );
113 $u->setEmail( $wpEmail );
114 if ( 1 == $wpRemember ) { $r = 1; }
115 else { $r = 0; }
116 $u->setOption( "rememberpassword", $r );
117
118 return $u;
119 }
120
121
122
123
124 /* private */ function processLogin()
125 {
126 global $wgUser, $wpName, $wpPassword, $wpRemember;
127 global $returnto;
128
129 if ( "" == $wpName ) {
130 mainLoginForm( wfMsg( "noname" ) );
131 return;
132 }
133 $u = User::newFromName( $wpName );
134 $id = $u->idForName();
135 if ( 0 == $id ) {
136 $m = str_replace( "$1", $u->getName(), wfMsg( "nosuchuser" ) );
137 mainLoginForm( $m );
138 return;
139 }
140 $u->setId( $id );
141 $u->loadFromDatabase();
142 $ep = $u->encryptPassword( $wpPassword );
143 if ( 0 != strcmp( $ep, $u->getPassword() ) ) {
144 if ( 0 != strcmp( $ep, $u->getNewpassword() ) ) {
145 mainLoginForm( wfMsg( "wrongpassword" ) );
146 return;
147 }
148 }
149
150 # We've verified now, update the real record
151 #
152 if ( 1 == $wpRemember ) {
153 $r = 1;
154 $u->setCookiePassword( $wpPassword );
155 } else {
156 $r = 0;
157 }
158 $u->setOption( "rememberpassword", $r );
159
160 $wgUser = $u;
161 $m = str_replace( "$1", $wgUser->getName(), wfMsg( "loginsuccess" ) );
162 successfulLogin( $m );
163 }
164
165 /* private */ function mailPassword()
166 {
167 global $wgUser, $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
168 global $wgCookiePath, $wgCookieDomain, $wgDBname;
169
170 if ( "" == $wpName ) {
171 mainLoginForm( wfMsg( "noname" ) );
172 return;
173 }
174 $u = User::newFromName( $wpName );
175 $id = $u->idForName();
176 if ( 0 == $id ) {
177 $m = str_replace( "$1", $u->getName(), wfMsg( "nosuchuser" ) );
178 mainLoginForm( $m );
179 return;
180 }
181 $u->setId( $id );
182 $u->loadFromDatabase();
183
184 if (mailPasswordInternal($u) == NULL) {
185 return;
186 }
187
188 $m = str_replace( "$1", $u->getName(), wfMsg( "passwordsent" ) );
189 mainLoginForm( $m );
190 }
191
192
193 /* private */ function mailPasswordInternal( $u )
194 {
195 global $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
196 global $wgPasswordSender;
197
198 if ( "" == $u->getEmail() ) {
199 $m = str_replace( "$1", $u->getName(), wfMsg( "noemail" ) );
200 mainLoginForm( $m );
201 return;
202 }
203 $np = User::randomPassword();
204 $u->setNewpassword( $np );
205
206 setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
207 $u->saveSettings();
208
209 $ip = getenv( "REMOTE_ADDR" );
210 if ( "" == $ip ) { $ip = "(Unknown)"; }
211
212 $m = str_replace( "$1", $ip, wfMsg( "passwordremindertext" ) );
213 $m = str_replace( "$2", $u->getName(), $m );
214 $m = str_replace( "$3", $np, $m );
215
216 mail( $u->getEmail(), wfMsg( "passwordremindertitle" ), $m,
217 "MIME-Version: 1.0\r\n" .
218 "Content-type: text/plain; charset={$wgOutputEncoding}\r\n" .
219 "Content-transfer-encoding: 8bit\r\n" .
220 "From: $wgPasswordSender" );
221
222 return $u;
223 }
224
225
226
227
228
229 /* private */ function successfulLogin( $msg )
230 {
231 global $wgUser, $wgOut, $returnto;
232 global $wgDeferredUpdateList;
233
234 $wgUser->setCookies();
235 $up = new UserUpdate();
236 array_push( $wgDeferredUpdateList, $up );
237
238 $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
239 $wgOut->setRobotpolicy( "noindex,nofollow" );
240 $wgOut->setArticleFlag( false );
241 $wgOut->addHTML( $msg . "\n<p>" );
242 $wgOut->returnToMain();
243 }
244
245
246
247
248
249 function userNotPrivilegedMessage()
250 {
251 global $wgOut, $wgUser, $wgLang;
252
253 $wgOut->setPageTitle( wfMsg( "whitelistacctitle" ) );
254 $wgOut->setRobotpolicy( "noindex,nofollow" );
255 $wgOut->setArticleFlag( false );
256
257 $wgOut->addWikiText( wfMsg( "whitelistacctext" ) );
258 $wgOut->returnToMain( false );
259 }
260
261
262
263
264 /* private */ function mainLoginForm( $err )
265 {
266 global $wgUser, $wgOut, $wgLang, $returnto;
267 global $wpName, $wpPassword, $wpRetype, $wpRemember;
268 global $wpEmail, $HTTP_COOKIE_VARS, $wgDBname;
269
270 $le = wfMsg( "loginerror" );
271 $yn = wfMsg( "yourname" );
272 $yp = wfMsg( "yourpassword" );
273 $ypa = wfMsg( "yourpasswordagain" );
274 $rmp = wfMsg( "remembermypassword" );
275 $ayn = wfMsg( "areyounew" );
276 $nuo = wfMsg( "newusersonly" );
277 $li = wfMsg( "login" );
278 $ca = wfMsg( "createaccount" );
279 $cam = wfMsg( "createaccountmail" );
280 $ye = wfMsg( "youremail" );
281 $efl = wfMsg( "emailforlost" );
282 $mmp = wfMsg( "mailmypassword" );
283
284 $name = $wpName;
285 if ( "" == $name ) {
286 if ( 0 != $wgUser->getID() ) {
287 $name = $wgUser->getName();
288 } else {
289 $name = $HTTP_COOKIE_VARS["{$wgDBname}UserName"];
290 }
291 }
292 $pwd = $wpPassword;
293
294 $wgOut->setPageTitle( wfMsg( "userlogin" ) );
295 $wgOut->setRobotpolicy( "noindex,nofollow" );
296 $wgOut->setArticleFlag( false );
297
298 if ( "" == $err ) {
299 $wgOut->addHTML( "<h2>$li:</h2>\n" );
300 } else {
301 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
302 color='red'>$err</font>\n" );
303 }
304 if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
305 $checked = " checked";
306 } else {
307 $checked = "";
308 }
309 $q = "action=submit";
310 if ( "" != $returnto ) { $q .= "&returnto=" . wfUrlencode($returnto); }
311 $action = wfLocalUrlE( $wgLang->specialPage( "Userlogin" ), $q );
312
313 $wpName = wfEscapeHTML( $wpName );
314 $wpPassword = wfEscapeHTML( $wpPassword );
315 $wpRetype = wfEscapeHTML( $wpRetype );
316 $wpEmail = wfEscapeHTML( $wpEmail );
317
318 if ($wgUser->getID() != 0) {
319 $cambutton = "<input tabindex=6 type=submit name=\"wpCreateaccountMail\" value=\"{$cam}\">";
320 }
321
322 $wgOut->addHTML( "
323 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
324 <table border=0><tr>
325 <td align=right>$yn:</td>
326 <td colspan=2 align=left>
327 <input tabindex=1 type=text name=\"wpName\" value=\"{$name}\" size=20>
328 </td></tr><tr>
329 <td align=right>$yp:</td>
330 <td align=left>
331 <input tabindex=2 type=password name=\"wpPassword\" value=\"{$pwd}\" size=20>
332 </td>
333 <td align=left>
334 <input tabindex=3 type=submit name=\"wpLoginattempt\" value=\"{$li}\">
335 </td></tr>");
336
337 if ($wgUser->isAllowedToCreateAccount()) {
338
339 $wgOut->addHTML("<tr><td colspan=3>&nbsp;</td></tr><tr>
340 <td align=right>$ypa:</td>
341 <td align=left>
342 <input tabindex=4 type=password name=\"wpRetype\" value=\"{$wpRetype}\"
343 size=20>
344 </td><td>$nuo</td></tr>
345 <tr>
346 <td align=right>$ye:</td>
347 <td align=left>
348 <input tabindex=5 type=text name=\"wpEmail\" value=\"{$wpEmail}\" size=20>
349 </td><td align=left>
350 <input tabindex=6 type=submit name=\"wpCreateaccount\" value=\"{$ca}\">
351 $cambutton
352 </td></tr>");
353 }
354
355 $wgOut->addHTML("
356 <tr>
357 <td colspan=3 align=left>
358 <input tabindex=7 type=checkbox name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked><label for=\"wpRemember\">$rmp</label>
359 </td></tr>
360 <tr><td colspan=3>&nbsp;</td></tr><tr>
361 <td colspan=3 align=left>
362 <p>$efl<br>
363 <input tabindex=8 type=submit name=\"wpMailmypassword\" value=\"{$mmp}\">
364 </td></tr></table>
365 </form>\n" );
366
367
368
369 }
370
371 ?>
MediaWiki Core