5 * @subpackage SpecialPage
11 require_once('UserMailer.php');
16 function wfSpecialUserlogin() {
17 global $wgCommandLineMode;
19 if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get('session.name')] ) ) {
23 $form = new LoginForm( $wgRequest );
30 * @subpackage SpecialPage
33 var $mName, $mPassword, $mRetype, $mReturnto, $mCookieCheck, $mPosted;
34 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
35 var $mLoginattempt, $mRemember, $mEmail;
37 function LoginForm( &$request ) {
38 global $wgLang, $wgAllowRealName;
40 $this->mName
= $request->getText( 'wpName' );
41 $this->mPassword
= $request->getText( 'wpPassword' );
42 $this->mRetype
= $request->getText( 'wpRetype' );
43 $this->mReturnto
= $request->getVal( 'returnto' );
44 $this->mCookieCheck
= $request->getVal( 'wpCookieCheck' );
45 $this->mPosted
= $request->wasPosted();
46 $this->mCreateaccount
= $request->getCheck( 'wpCreateaccount' );
47 $this->mCreateaccountMail
= $request->getCheck( 'wpCreateaccountMail' );
48 $this->mMailmypassword
= $request->getCheck( 'wpMailmypassword' );
49 $this->mLoginattempt
= $request->getCheck( 'wpLoginattempt' );
50 $this->mAction
= $request->getVal( 'action' );
51 $this->mRemember
= $request->getCheck( 'wpRemember' );
52 $this->mEmail
= $request->getText( 'wpEmail' );
53 if ($wgAllowRealName) {
54 $this->mRealName
= $request->getText( 'wpRealName' );
56 $this->mRealName
= '';
59 # When switching accounts, it sucks to get automatically logged out
60 if( $this->mReturnto
== $wgLang->specialPage( 'Userlogout' ) ) {
61 $this->mReturnto
= '';
66 if ( !is_null( $this->mCookieCheck
) ) {
67 $this->onCookieRedirectCheck( $this->mCookieCheck
);
69 } else if( $this->mPosted
) {
70 if( $this->mCreateaccount
) {
71 return $this->addNewAccount();
72 } else if ( $this->mCreateaccountMail
) {
73 return $this->addNewAccountMailPassword();
74 } else if ( $this->mMailmypassword
) {
75 return $this->mailPassword();
76 } else if ( ( 'submit' == $this->mAction
) ||
$this->mLoginattempt
) {
77 return $this->processLogin();
80 $this->mainLoginForm( '' );
86 function addNewAccountMailPassword() {
89 if ('' == $this->mEmail
) {
90 $this->mainLoginForm( wfMsg( 'noemail', htmlspecialchars( $this->mName
) ) );
94 $u = $this->addNewaccountInternal();
101 $error = $this->mailPasswordInternal($u);
103 $wgOut->setPageTitle( wfMsg( 'accmailtitle' ) );
104 $wgOut->setRobotpolicy( 'noindex,nofollow' );
105 $wgOut->setArticleRelated( false );
107 if ( $error === '' ) {
108 $wgOut->addWikiText( wfMsg( 'accmailtext', $u->getName(), $u->getEmail() ) );
109 $wgOut->returnToMain( false );
111 $this->mainLoginForm( wfMsg( 'mailerror', $error ) );
121 function addNewAccount() {
122 global $wgUser, $wgOut;
123 global $wgDeferredUpdateList;
125 $u = $this->addNewAccountInternal();
132 $wgUser->setCookies();
134 $up = new UserUpdate();
135 array_push( $wgDeferredUpdateList, $up );
137 if( $this->hasSessionCookie() ) {
138 return $this->successfulLogin( wfMsg( 'welcomecreation', $wgUser->getName() ) );
140 return $this->cookieRedirectCheck( 'new' );
148 function addNewAccountInternal() {
149 global $wgUser, $wgOut;
150 global $wgMaxNameChars;
151 global $wgMemc, $wgAccountCreationThrottle, $wgDBname, $wgIP;
153 if (!$wgUser->isAllowedToCreateAccount()) {
154 $this->userNotPrivilegedMessage();
158 if ( 0 != strcmp( $this->mPassword
, $this->mRetype
) ) {
159 $this->mainLoginForm( wfMsg( 'badretype' ) );
163 $name = trim( $this->mName
);
164 $u = User
::newFromName( $name );
165 if ( is_null( $u ) ||
167 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name ) ||
168 (strpos( $name, "/" ) !== false) ||
169 (strlen( $name ) > $wgMaxNameChars) ||
170 ucFirst($name) != $u->getName() )
172 $this->mainLoginForm( wfMsg( 'noname' ) );
175 if ( wfReadOnly() ) {
176 $wgOut->readOnlyPage();
180 if ( 0 != $u->idForName() ) {
181 $this->mainLoginForm( wfMsg( 'userexists' ) );
185 if ( $wgAccountCreationThrottle ) {
186 $key = $wgDBname.':acctcreate:ip:'.$wgIP;
187 $value = $wgMemc->incr( $key );
189 $wgMemc->set( $key, 1, 86400 );
191 if ( $value > $wgAccountCreationThrottle ) {
192 $this->throttleHit( $wgAccountCreationThrottle );
198 $u->setPassword( $this->mPassword
);
199 $u->setEmail( $this->mEmail
);
200 $u->setRealName( $this->mRealName
);
202 if ( $this->mRemember
) { $r = 1; }
204 $u->setOption( 'rememberpassword', $r );
212 function processLogin() {
214 global $wgDeferredUpdateList;
216 if ( '' == $this->mName
) {
217 $this->mainLoginForm( wfMsg( 'noname' ) );
220 $u = User
::newFromName( $this->mName
);
221 if( is_null( $u ) ) {
222 $this->mainLoginForm( wfMsg( 'noname' ) );
225 $id = $u->idForName();
227 $this->mainLoginForm( wfMsg( 'nosuchuser', $u->getName() ) );
231 $u->loadFromDatabase();
232 if (!$u->checkPassword( $this->mPassword
)) {
233 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
237 # We've verified now, update the real record
239 if ( $this->mRemember
) {
244 $u->setOption( 'rememberpassword', $r );
247 $wgUser->setCookies();
249 $up = new UserUpdate();
250 array_push( $wgDeferredUpdateList, $up );
252 if( $this->hasSessionCookie() ) {
253 return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
255 return $this->cookieRedirectCheck( 'login' );
262 function mailPassword() {
263 global $wgUser, $wgDeferredUpdateList, $wgOutputEncoding;
264 global $wgCookiePath, $wgCookieDomain, $wgDBname;
266 if ( '' == $this->mName
) {
267 $this->mainLoginForm( wfMsg( 'noname' ) );
270 $u = User
::newFromName( $this->mName
);
271 if( is_null( $u ) ) {
272 $this->mainLoginForm( wfMsg( 'noname' ) );
275 $id = $u->idForName();
277 $this->mainLoginForm( wfMsg( 'nosuchuser', $u->getName() ) );
281 $u->loadFromDatabase();
283 $error = $this->mailPasswordInternal( $u );
285 $this->mainLoginForm( wfMsg( 'passwordsent', $u->getName() ) );
287 $this->mainLoginForm( wfMsg( 'mailerror', $error ) );
296 function mailPasswordInternal( $u ) {
297 global $wgDeferredUpdateList, $wgOutputEncoding;
298 global $wgPasswordSender, $wgDBname, $wgIP;
299 global $wgCookiePath, $wgCookieDomain;
301 if ( '' == $u->getEmail() ) {
302 return wfMsg( 'noemail', $u->getName() );
304 $np = User
::randomPassword();
305 $u->setNewpassword( $np );
307 setcookie( "{$wgDBname}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain );
311 if ( '' == $ip ) { $ip = '(Unknown)'; }
313 $m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np );
315 $error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( 'passwordremindertitle' ), $m );
317 return htmlspecialchars( $error );
324 function successfulLogin( $msg ) {
326 global $wgDeferredUpdateList;
329 $wgOut->setPageTitle( wfMsg( 'loginsuccesstitle' ) );
330 $wgOut->setRobotpolicy( 'noindex,nofollow' );
331 $wgOut->setArticleRelated( false );
332 $wgOut->addWikiText( $msg );
333 $wgOut->returnToMain();
336 function userNotPrivilegedMessage() {
337 global $wgOut, $wgUser, $wgLang;
339 $wgOut->setPageTitle( wfMsg( 'whitelistacctitle' ) );
340 $wgOut->setRobotpolicy( 'noindex,nofollow' );
341 $wgOut->setArticleRelated( false );
343 $wgOut->addWikiText( wfMsg( 'whitelistacctext' ) );
345 $wgOut->returnToMain( false );
351 function mainLoginForm( $err ) {
352 global $wgUser, $wgOut, $wgLang;
353 global $wgDBname, $wgAllowRealName;
355 $le = wfMsg( 'loginerror' );
356 $yn = wfMsg( 'yourname' );
357 $yp = wfMsg( 'yourpassword' );
358 $ypa = wfMsg( 'yourpasswordagain' );
359 $rmp = wfMsg( 'remembermypassword' );
360 $nuo = wfMsg( 'newusersonly' );
361 $li = wfMsg( 'login' );
362 $ca = wfMsg( 'createaccount' );
363 $cam = wfMsg( 'createaccountmail' );
364 $ye = wfMsg( 'youremail' );
365 if( $wgAllowRealName ) {
366 $yrn = wfMsg( 'yourrealname' );
370 $efl = wfMsg( 'emailforlost' );
371 $mmp = wfMsg( 'mailmypassword' );
372 $endText = wfMsg( 'loginend' );
374 if ( $endText == '<loginend>' ) {
378 if ( '' == $this->mName
) {
379 if ( 0 != $wgUser->getID() ) {
380 $this->mName
= $wgUser->getName();
382 $this->mName
= @$_COOKIE[$wgDBname.'UserName'];
386 $wgOut->setPageTitle( wfMsg( 'userlogin' ) );
387 $wgOut->setRobotpolicy( 'noindex,nofollow' );
388 $wgOut->setArticleRelated( false );
391 $lp = wfMsg( 'loginprompt' );
392 $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
394 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
395 color='red'>$err</font>\n" );
397 if ( 1 == $wgUser->getOption( 'rememberpassword' ) ) {
398 $checked = ' checked';
403 $q = 'action=submit';
404 if ( !empty( $this->mReturnto
) ) {
405 $q .= '&returnto=' . wfUrlencode( $this->mReturnto
);
408 $titleObj = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
409 $action = $titleObj->escapeLocalUrl( $q );
411 $encName = htmlspecialchars( $this->mName
);
412 $encPassword = htmlspecialchars( $this->mPassword
);
413 $encRetype = htmlspecialchars( $this->mRetype
);
414 $encEmail = htmlspecialchars( $this->mEmail
);
415 $encRealName = htmlspecialchars( $this->mRealName
);
417 if ($wgUser->getID() != 0) {
418 $cambutton = "<input tabindex='6' type='submit' name=\"wpCreateaccountMail\" value=\"{$cam}\" />";
424 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
425 <table border='0'><tr>
426 <td align='right'>$yn:</td>
428 <input tabindex='1' type='text' name=\"wpName\" value=\"{$encName}\" size='20' />
431 <input tabindex='3' type='submit' name=\"wpLoginattempt\" value=\"{$li}\" />
435 <td align='right'>$yp:</td>
437 <input tabindex='2' type='password' name=\"wpPassword\" value=\"{$encPassword}\" size='20' />
440 <input tabindex='4' type='checkbox' name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked /><label for=\"wpRemember\">$rmp</label>
444 if ($wgUser->isAllowedToCreateAccount()) {
445 $encRetype = htmlspecialchars( $this->mRetype
);
446 $encEmail = htmlspecialchars( $this->mEmail
);
447 $wgOut->addHTML("<tr><td colspan='3'> </td></tr><tr>
448 <td align='right'>$ypa:</td>
450 <input tabindex='5' type='password' name=\"wpRetype\" value=\"{$encRetype}\"
452 </td><td>$nuo</td></tr>
454 <td align='right'>$ye:</td>
456 <input tabindex='7' type='text' name=\"wpEmail\" value=\"{$encEmail}\" size='20' />
459 if ($wgAllowRealName) {
460 $wgOut->addHTML("<td> </td>
462 <td align='right'>$yrn:</td>
464 <input tabindex='8' type='text' name=\"wpRealName\" value=\"{$encRealName}\" size='20' />
468 $wgOut->addHTML("<td align='left'>
469 <input tabindex='9' type='submit' name=\"wpCreateaccount\" value=\"{$ca}\" />
475 <tr><td colspan='3'> </td></tr><tr>
476 <td colspan='3' align='left'>
478 <input tabindex='10' type='submit' name=\"wpMailmypassword\" value=\"{$mmp}\" /></p>
481 $wgOut->addHTML( $endText );
487 function hasSessionCookie() {
488 global $wgDisableCookieCheck;
489 return ( $wgDisableCookieCheck ) ?
true : ( '' != $_COOKIE[session_name()] );
495 function cookieRedirectCheck( $type ) {
496 global $wgOut, $wgLang;
498 $titleObj = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
499 $check = $titleObj->getFullURL( 'wpCookieCheck='.$type );
501 return $wgOut->redirect( $check );
507 function onCookieRedirectCheck( $type ) {
510 if ( !$this->hasSessionCookie() ) {
511 if ( $type == 'new' ) {
512 return $this->mainLoginForm( wfMsg( 'nocookiesnew' ) );
513 } else if ( $type == 'login' ) {
514 return $this->mainLoginForm( wfMsg( 'nocookieslogin' ) );
517 return $this->mainLoginForm( wfMsg( 'error' ) );
520 return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
527 function throttleHit( $limit ) {
530 $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );