3 require_once('UserMailer.php');
5 function wfSpecialUserlogin()
7 global $wgCommandLineMode;
9 if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
13 $form = new LoginForm( $wgRequest );
18 var $mName, $mPassword, $mRetype, $mReturnto, $mCookieCheck, $mPosted;
19 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
20 var $mLoginattempt, $mRemember, $mEmail;
22 function LoginForm( &$request ) {
23 global $wgLang, $wgAllowRealName;
25 $this->mName
= $request->getText( 'wpName' );
26 $this->mPassword
= $request->getText( 'wpPassword' );
27 $this->mRetype
= $request->getText( 'wpRetype' );
28 $this->mReturnto
= $request->getVal( 'returnto' );
29 $this->mCookieCheck
= $request->getVal( "wpCookieCheck" );
30 $this->mPosted
= $request->wasPosted();
31 $this->mCreateaccount
= $request->getCheck( 'wpCreateaccount' );
32 $this->mCreateaccountMail
= $request->getCheck( 'wpCreateaccountMail' );
33 $this->mMailmypassword
= $request->getCheck( 'wpMailmypassword' );
34 $this->mLoginattempt
= $request->getCheck( 'wpLoginattempt' );
35 $this->mAction
= $request->getVal( 'action' );
36 $this->mRemember
= $request->getCheck( 'wpRemember' );
37 $this->mEmail
= $request->getText( 'wpEmail' );
38 if ($wgAllowRealName) {
39 $this->mRealName
= $request->getText( 'wpRealName' );
41 $this->mRealName
= '';
44 # When switching accounts, it sucks to get automatically logged out
45 if( $this->mReturnto
== $wgLang->specialPage( "Userlogout" ) ) {
46 $this->mReturnto
= "";
51 if ( !is_null( $this->mCookieCheck
) ) {
52 $this->onCookieRedirectCheck( $this->mCookieCheck
);
53 } else if( $this->mPosted
) {
54 if( $this->mCreateaccount
) {
55 return $this->addNewAccount();
56 } else if ( $this->mCreateaccountMail
) {
57 return $this->addNewAccountMailPassword();
58 } else if ( $this->mMailmypassword
) {
59 return $this->mailPassword();
60 } else if ( ( "submit" == $this->mAction
) ||
$this->mLoginattempt
) {
61 return $this->processLogin();
64 $this->mainLoginForm( "" );
67 /* private */ function addNewAccountMailPassword()
71 if ("" == $this->mEmail
) {
72 $this->mainLoginForm( wfMsg( "noemail", $this->mName
) );
76 $u = $this->addNewaccountInternal();
83 $error = $this->mailPasswordInternal($u);
85 $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
86 $wgOut->setRobotpolicy( "noindex,nofollow" );
87 $wgOut->setArticleRelated( false );
89 if ( $error === "" ) {
90 $wgOut->addWikiText( wfMsg( "accmailtext", $u->getName(), $u->getEmail() ) );
91 $wgOut->returnToMain( false );
93 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
100 /* private */ function addNewAccount()
102 global $wgUser, $wgOut;
103 global $wgDeferredUpdateList;
105 $u = $this->addNewAccountInternal();
112 $wgUser->setCookies();
114 $up = new UserUpdate();
115 array_push( $wgDeferredUpdateList, $up );
117 if( $this->hasSessionCookie() ) {
118 return $this->successfulLogin( wfMsg( "welcomecreation", $wgUser->getName() ) );
120 return $this->cookieRedirectCheck( "new" );
125 /* private */ function addNewAccountInternal()
127 global $wgUser, $wgOut;
128 global $wgMaxNameChars;
129 global $wgMemc, $wgAccountCreationThrottle, $wgDBname, $wgIP;
131 if (!$wgUser->isAllowedToCreateAccount()) {
132 $this->userNotPrivilegedMessage();
136 if ( 0 != strcmp( $this->mPassword
, $this->mRetype
) ) {
137 $this->mainLoginForm( wfMsg( "badretype" ) );
141 $name = trim( $this->mName
);
142 $u = User
::newFromName( $name );
143 if ( ( "" == $name ) ||
144 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name ) ||
145 (strpos( $name, "/" ) !== false) ||
146 (strlen( $name ) > $wgMaxNameChars) ||
147 ucFirst($name) != $u->getName() )
149 $this->mainLoginForm( wfMsg( "noname" ) );
152 if ( wfReadOnly() ) {
153 $wgOut->readOnlyPage();
157 if ( 0 != $u->idForName() ) {
158 $this->mainLoginForm( wfMsg( "userexists" ) );
162 if ( $wgAccountCreationThrottle ) {
163 $key = "$wgDBname:acctcreate:ip:$wgIP";
164 $value = $wgMemc->incr( $key );
166 $wgMemc->set( $key, 1, 86400 );
168 if ( $value > $wgAccountCreationThrottle ) {
169 $this->throttleHit( $wgAccountCreationThrottle );
175 $u->setPassword( $this->mPassword
);
176 $u->setEmail( $this->mEmail
);
177 $u->setRealName( $this->mRealName
);
179 if ( $this->mRemember
) { $r = 1; }
181 $u->setOption( "rememberpassword", $r );
188 /* private */ function processLogin()
191 global $wgDeferredUpdateList;
193 if ( "" == $this->mName
) {
194 $this->mainLoginForm( wfMsg( "noname" ) );
197 $u = User
::newFromName( $this->mName
);
198 $id = $u->idForName();
200 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
204 $u->loadFromDatabase();
205 if (!$u->checkPassword( $this->mPassword
)) {
206 $this->mainLoginForm( wfMsg( "wrongpassword" ) );
210 # We've verified now, update the real record
212 if ( $this->mRemember
) {
214 $u->setCookiePassword( $this->mPassword
);
218 $u->setOption( "rememberpassword", $r );
221 $wgUser->setCookies();
223 $up = new UserUpdate();
224 array_push( $wgDeferredUpdateList, $up );
226 if( $this->hasSessionCookie() ) {
227 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
229 return $this->cookieRedirectCheck( "login" );
233 /* private */ function mailPassword()
235 global $wgUser, $wgDeferredUpdateList, $wgOutputEncoding;
236 global $wgCookiePath, $wgCookieDomain, $wgDBname;
238 if ( "" == $this->mName
) {
239 $this->mainLoginForm( wfMsg( "noname" ) );
242 $u = User
::newFromName( $this->mName
);
243 $id = $u->idForName();
245 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
249 $u->loadFromDatabase();
251 $error = $this->mailPasswordInternal( $u );
253 $this->mainLoginForm( wfMsg( "passwordsent", $u->getName() ) );
255 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
261 /* private */ function mailPasswordInternal( $u )
263 global $wgDeferredUpdateList, $wgOutputEncoding;
264 global $wgPasswordSender, $wgDBname, $wgIP;
265 global $wgCookiePath, $wgCookieDomain;
267 if ( "" == $u->getEmail() ) {
268 $this->mainLoginForm( wfMsg( "noemail", $u->getName() ) );
271 $np = User
::randomPassword();
272 $u->setNewpassword( $np );
274 setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
278 if ( "" == $ip ) { $ip = "(Unknown)"; }
280 $m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );
282 $error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( "passwordremindertitle" ), $m );
291 /* private */ function successfulLogin( $msg )
294 global $wgDeferredUpdateList;
297 $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
298 $wgOut->setRobotpolicy( "noindex,nofollow" );
299 $wgOut->setArticleRelated( false );
300 $wgOut->addHTML( $msg );
301 $wgOut->returnToMain();
304 function userNotPrivilegedMessage()
306 global $wgOut, $wgUser, $wgLang;
308 $wgOut->setPageTitle( wfMsg( "whitelistacctitle" ) );
309 $wgOut->setRobotpolicy( "noindex,nofollow" );
310 $wgOut->setArticleRelated( false );
312 $wgOut->addWikiText( wfMsg( "whitelistacctext" ) );
314 $wgOut->returnToMain( false );
317 /* private */ function mainLoginForm( $err )
319 global $wgUser, $wgOut, $wgLang;
320 global $wgDBname, $wgAllowRealName;
322 $le = wfMsg( "loginerror" );
323 $yn = wfMsg( "yourname" );
324 $yp = wfMsg( "yourpassword" );
325 $ypa = wfMsg( "yourpasswordagain" );
326 $rmp = wfMsg( "remembermypassword" );
327 $nuo = wfMsg( "newusersonly" );
328 $li = wfMsg( "login" );
329 $ca = wfMsg( "createaccount" );
330 $cam = wfMsg( "createaccountmail" );
331 $ye = wfMsg( "youremail" );
332 if ($wgAllowRealName) {
333 $yrn = wfMsg( "yourrealname" );
337 $efl = wfMsg( "emailforlost" );
338 $mmp = wfMsg( "mailmypassword" );
339 $endText = wfMsg( "loginend" );
341 if ( $endText = "<loginend>" ) {
345 if ( "" == $this->mName
) {
346 if ( 0 != $wgUser->getID() ) {
347 $this->mName
= $wgUser->getName();
349 $this->mName
= @$_COOKIE["{$wgDBname}UserName"];
353 $wgOut->setPageTitle( wfMsg( "userlogin" ) );
354 $wgOut->setRobotpolicy( "noindex,nofollow" );
355 $wgOut->setArticleRelated( false );
358 $lp = wfMsg( "loginprompt" );
359 $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
361 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
362 color='red'>$err</font>\n" );
364 if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
365 $checked = " checked";
370 $q = "action=submit";
371 if ( !empty( $this->mReturnto
) ) {
372 $q .= "&returnto=" . wfUrlencode( $this->mReturnto
);
375 $titleObj = Title
::makeTitle( NS_SPECIAL
, "Userlogin" );
376 $action = $titleObj->escapeLocalUrl( $q );
378 $encName = wfEscapeHTML( $this->mName
);
379 $encPassword = wfEscapeHTML( $this->mPassword
);
380 $encRetype = wfEscapeHTML( $this->mRetype
);
381 $encEmail = wfEscapeHTML( $this->mEmail
);
382 $encRealName = wfEscapeHTML( $this->mRealName
);
384 if ($wgUser->getID() != 0) {
385 $cambutton = "<input tabindex='6' type='submit' name=\"wpCreateaccountMail\" value=\"{$cam}\" />";
391 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
392 <table border='0'><tr>
393 <td align='right'>$yn:</td>
395 <input tabindex='1' type='text' name=\"wpName\" value=\"{$encName}\" size='20' />
398 <input tabindex='3' type='submit' name=\"wpLoginattempt\" value=\"{$li}\" />
402 <td align='right'>$yp:</td>
404 <input tabindex='2' type='password' name=\"wpPassword\" value=\"{$encPassword}\" size='20' />
407 <input tabindex='7' type='checkbox' name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked /><label for=\"wpRemember\">$rmp</label>
411 if ($wgUser->isAllowedToCreateAccount()) {
412 $encRetype = htmlspecialchars( $this->mRetype
);
413 $encEmail = htmlspecialchars( $this->mEmail
);
414 $wgOut->addHTML("<tr><td colspan='3'> </td></tr><tr>
415 <td align='right'>$ypa:</td>
417 <input tabindex='4' type='password' name=\"wpRetype\" value=\"{$encRetype}\"
419 </td><td>$nuo</td></tr>
421 <td align='right'>$ye:</td>
423 <input tabindex='6' type='text' name=\"wpEmail\" value=\"{$encEmail}\" size='20' />
426 if ($wgAllowRealName) {
427 $wgOut->addHTML("<td> </td>
429 <td align='right'>$yrn:</td>
431 <input tabindex='6' type='text' name=\"wpRealName\" value=\"{$encRealName}\" size='20' />
435 $wgOut->addHTML("<td align='left'>
436 <input tabindex='7' type='submit' name=\"wpCreateaccount\" value=\"{$ca}\" />
442 <tr><td colspan='3'> </td></tr><tr>
443 <td colspan='3' align='left'>
445 <input tabindex='8' type='submit' name=\"wpMailmypassword\" value=\"{$mmp}\" /></p>
448 $wgOut->addHTML( $endText );
451 /* private */ function hasSessionCookie()
453 global $wgDisableCookieCheck;
454 return ( $wgDisableCookieCheck ) ?
true : ( "" != $_COOKIE[session_name()] );
457 /* private */ function cookieRedirectCheck( $type )
459 global $wgOut, $wgLang;
461 $titleObj = Title
::makeTitle( NS_SPECIAL
, "Userlogin" );
462 $check = $titleObj->getFullURL( "wpCookieCheck=$type" );
464 return $wgOut->redirect( $check );
467 /* private */ function onCookieRedirectCheck( $type ) {
470 if ( !$this->hasSessionCookie() ) {
471 if ( $type == "new" ) {
472 return $this->mainLoginForm( wfMsg( "nocookiesnew" ) );
473 } else if ( $type == "login" ) {
474 return $this->mainLoginForm( wfMsg( "nocookieslogin" ) );
477 return $this->mainLoginForm( wfMsg( "error" ) );
480 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
484 /* private */ function throttleHit( $limit ) {
487 $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );