search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Link fix for "About protected pages"
[mediawiki.git] / includes / SpecialUserlogin.php
blob0cb8a2e47c5bb4f1715b362299236153a5015a9b
1 <?
2
3 function wfSpecialUserlogin()
4 {
5 global $wpCreateaccount, $wpCreateaccountMail;
6 global $wpLoginattempt, $wpMailmypassword;
7 global $action;
8
9 $fields = array( "wpName", "wpPassword", "wpName",
10 "wpPassword", "wpRetype", "wpEmail" );
11 wfCleanFormFields( $fields );
12
13 if ( isset( $wpCreateaccount ) ) {
14 addNewAccount();
15 } else if ( isset( $wpCreateaccountMail ) ) {
16 addNewAccountMailPassword();
17 } else if ( isset( $wpMailmypassword ) ) {
18 mailPassword();
19 } else if ( "submit" == $action || isset( $wpLoginattempt ) ) {
20 processLogin();
21 } else {
22 mainLoginForm( "" );
23 }
24 }
25
26
27 /* private */ function addNewAccountMailPassword()
28 {
29 global $wgOut, $wpEmail, $wpName;
30
31 if ("" == $wpEmail) {
32 $m = str_replace( "$1", $wpName, wfMsg( "noemail" ) );
33 mainLoginForm( $m );
34 return;
35 }
36
37 $u = addNewaccountInternal();
38
39 if ($u == NULL) {
40 return;
41 }
42
43 $u->saveSettings();
44 if (mailPasswordInternal($u) == NULL)
45 {
46 return;
47 }
48
49 $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
50 $wgOut->setRobotpolicy( "noindex,nofollow" );
51 $wgOut->setArticleFlag( false );
52
53 $m = str_replace( "$1", $u->getName(), wfMsg( "accmailtext" ) );
54 $m = str_replace( "$2", $u->getEmail(), $m );
55 $wgOut->addWikiText( $m );
56 $wgOut->returnToMain( false );
57
58 $u = 0;
59 }
60
61
62 /* private */ function addNewAccount()
63 {
64 global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
65 global $wpEmail, $wgDeferredUpdateList;
66
67 $u = addNewAccountInternal();
68
69 if ($u == NULL) {
70 return;
71 }
72
73 $wgUser = $u;
74 $m = str_replace( "$1", $wgUser->getName(), wfMsg( "welcomecreation" ) );
75 successfulLogin( $m );
76 }
77
78
79 /* private */ function addNewAccountInternal()
80 {
81 global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
82 global $wpEmail, $wgDeferredUpdateList;
83
84 if (!$wgUser->isAllowedToCreateAccount()) {
85 userNotPrivilegedMessage();
86 return;
87 }
88
89 if ( 0 != strcmp( $wpPassword, $wpRetype ) ) {
90 mainLoginForm( wfMsg( "badretype" ) );
91 return;
92 }
93 $wpName = trim( $wpName );
94 if ( ( "" == $wpName ) ||
95 preg_match( "/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$/", $wpName ) ||
96 (strpos( $wpName, "/" ) !== false) )
97 {
98 mainLoginForm( wfMsg( "noname" ) );
99 return;
100 }
101 if ( wfReadOnly() ) {
102 $wgOut->readOnlyPage();
103 return;
104 }
105 $u = User::newFromName( $wpName );
106
107 if ( 0 != $u->idForName() ) {
108 mainLoginForm( wfMsg( "userexists" ) );
109 return;
110 }
111 $u->addToDatabase();
112 $u->setPassword( $wpPassword );
113 $u->setEmail( $wpEmail );
114 if ( 1 == $wpRemember ) { $r = 1; }
115 else { $r = 0; }
116 $u->setOption( "rememberpassword", $r );
117
118 return $u;
119 }
120
121
122
123
124 /* private */ function processLogin()
125 {
126 global $wgUser, $wpName, $wpPassword, $wpRemember;
127 global $returnto;
128
129 if ( "" == $wpName ) {
130 mainLoginForm( wfMsg( "noname" ) );
131 return;
132 }
133 $u = User::newFromName( $wpName );
134 $id = $u->idForName();
135 if ( 0 == $id ) {
136 $m = str_replace( "$1", $u->getName(), wfMsg( "nosuchuser" ) );
137 mainLoginForm( $m );
138 return;
139 }
140 $u->setId( $id );
141 $u->loadFromDatabase();
142 $ep = $u->encryptPassword( $wpPassword );
143 if ( 0 != strcmp( $ep, $u->getPassword() ) ) {
144 if ( 0 != strcmp( $ep, $u->getNewpassword() ) ) {
145 mainLoginForm( wfMsg( "wrongpassword" ) );
146 return;
147 }
148 }
149
150 # We've verified now, update the real record
151 #
152 if ( 1 == $wpRemember ) {
153 $r = 1;
154 $u->setCookiePassword( $wpPassword );
155 } else {
156 $r = 0;
157 }
158 $u->setOption( "rememberpassword", $r );
159
160 $wgUser = $u;
161 $m = str_replace( "$1", $wgUser->getName(), wfMsg( "loginsuccess" ) );
162 successfulLogin( $m );
163 }
164
165 /* private */ function mailPassword()
166 {
167 global $wgUser, $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
168
169 if ( "" == $wpName ) {
170 mainLoginForm( wfMsg( "noname" ) );
171 return;
172 }
173 $u = User::newFromName( $wpName );
174 $id = $u->idForName();
175 if ( 0 == $id ) {
176 $m = str_replace( "$1", $u->getName(), wfMsg( "nosuchuser" ) );
177 mainLoginForm( $m );
178 return;
179 }
180 $u->setId( $id );
181 $u->loadFromDatabase();
182
183 if (mailPasswordInternal($u) == NULL) {
184 return;
185 }
186
187 $m = str_replace( "$1", $u->getName(), wfMsg( "passwordsent" ) );
188 mainLoginForm( $m );
189 }
190
191
192 /* private */ function mailPasswordInternal( $u )
193 {
194 global $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
195 global $wgPasswordSender;
196
197 if ( "" == $u->getEmail() ) {
198 $m = str_replace( "$1", $u->getName(), wfMsg( "noemail" ) );
199 mainLoginForm( $m );
200 return;
201 }
202 $np = User::randomPassword();
203 $u->setNewpassword( $np );
204
205 setcookie( "wcUserPassword", "", time() - 3600 );
206 $u->saveSettings();
207
208 $ip = getenv( "REMOTE_ADDR" );
209 if ( "" == $ip ) { $ip = "(Unknown)"; }
210
211 $m = str_replace( "$1", $ip, wfMsg( "passwordremindertext" ) );
212 $m = str_replace( "$2", $u->getName(), $m );
213 $m = str_replace( "$3", $np, $m );
214
215 mail( $u->getEmail(), wfMsg( "passwordremindertitle" ), $m,
216 "MIME-Version: 1.0\r\n" .
217 "Content-type: text/plain; charset={$wgOutputEncoding}\r\n" .
218 "Content-transfer-encoding: 8bit\r\n" .
219 "From: $wgPasswordSender" );
220
221 return $u;
222 }
223
224
225
226
227
228 /* private */ function successfulLogin( $msg )
229 {
230 global $wgUser, $wgOut, $returnto;
231 global $wgDeferredUpdateList;
232
233 $wgUser->setCookies();
234 $up = new UserUpdate();
235 array_push( $wgDeferredUpdateList, $up );
236
237 $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
238 $wgOut->setRobotpolicy( "noindex,nofollow" );
239 $wgOut->setArticleFlag( false );
240 $wgOut->addHTML( $msg . "\n<p>" );
241 $wgOut->returnToMain();
242 }
243
244
245
246
247
248 function userNotPrivilegedMessage()
249 {
250 global $wgOut, $wgUser, $wgLang;
251
252 $wgOut->setPageTitle( wfMsg( "whitelistacctitle" ) );
253 $wgOut->setRobotpolicy( "noindex,nofollow" );
254 $wgOut->setArticleFlag( false );
255
256 $wgOut->addWikiText( wfMsg( "whitelistacctext" ) );
257 $wgOut->returnToMain( false );
258 }
259
260
261
262
263 /* private */ function mainLoginForm( $err )
264 {
265 global $wgUser, $wgOut, $wgLang, $returnto;
266 global $wpName, $wpPassword, $wpRetype, $wpRemember;
267 global $wpEmail, $HTTP_COOKIE_VARS;
268
269 $le = wfMsg( "loginerror" );
270 $yn = wfMsg( "yourname" );
271 $yp = wfMsg( "yourpassword" );
272 $ypa = wfMsg( "yourpasswordagain" );
273 $rmp = wfMsg( "remembermypassword" );
274 $ayn = wfMsg( "areyounew" );
275 $nuo = wfMsg( "newusersonly" );
276 $li = wfMsg( "login" );
277 $ca = wfMsg( "createaccount" );
278 $cam = wfMsg( "createaccountmail" );
279 $ye = wfMsg( "youremail" );
280 $efl = wfMsg( "emailforlost" );
281 $mmp = wfMsg( "mailmypassword" );
282
283 $name = $wpName;
284 if ( "" == $name ) {
285 if ( 0 != $wgUser->getID() ) {
286 $name = $wgUser->getName();
287 } else {
288 $name = $HTTP_COOKIE_VARS["wcUserName"];
289 }
290 }
291 $pwd = $wpPassword;
292
293 $wgOut->setPageTitle( wfMsg( "userlogin" ) );
294 $wgOut->setRobotpolicy( "noindex,nofollow" );
295 $wgOut->setArticleFlag( false );
296
297 if ( "" == $err ) {
298 $wgOut->addHTML( "<h2>$li:</h2>\n" );
299 } else {
300 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
301 color='red'>$err</font>\n" );
302 }
303 if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
304 $checked = " checked";
305 } else {
306 $checked = "";
307 }
308 $q = "action=submit";
309 if ( "" != $returnto ) { $q .= "&returnto=" . wfUrlencode($returnto); }
310 $action = wfLocalUrlE( $wgLang->specialPage( "Userlogin" ), $q );
311
312 $wpName = wfEscapeHTML( $wpName );
313 $wpPassword = wfEscapeHTML( $wpPassword );
314 $wpRetype = wfEscapeHTML( $wpRetype );
315 $wpEmail = wfEscapeHTML( $wpEmail );
316
317 if ($wgUser->getID() != 0) {
318 $cambutton = "<input tabindex=6 type=submit name=\"wpCreateaccountMail\" value=\"{$cam}\">";
319 }
320
321 $wgOut->addHTML( "
322 <form id=\"userlogin\" method=\"post\" action=\"{$action}\">
323 <table border=0><tr>
324 <td align=right>$yn:</td>
325 <td colspan=2 align=left>
326 <input tabindex=1 type=text name=\"wpName\" value=\"{$name}\" size=20>
327 </td></tr><tr>
328 <td align=right>$yp:</td>
329 <td align=left>
330 <input tabindex=2 type=password name=\"wpPassword\" value=\"{$pwd}\" size=20>
331 </td>
332 <td align=left>
333 <input tabindex=3 type=submit name=\"wpLoginattempt\" value=\"{$li}\">
334 </td></tr>");
335
336 if ($wgUser->isAllowedToCreateAccount()) {
337
338 $wgOut->addHTML("<tr><td colspan=3>&nbsp;</td></tr><tr>
339 <td align=right>$ypa:</td>
340 <td align=left>
341 <input tabindex=4 type=password name=\"wpRetype\" value=\"{$wpRetype}\"
342 size=20>
343 </td><td>$nuo</td></tr>
344 <tr>
345 <td align=right>$ye:</td>
346 <td align=left>
347 <input tabindex=5 type=text name=\"wpEmail\" value=\"{$wpEmail}\" size=20>
348 </td><td align=left>
349 <input tabindex=6 type=submit name=\"wpCreateaccount\" value=\"{$ca}\">
350 $cambutton
351 </td></tr>");
352 }
353
354 $wgOut->addHTML("
355 <tr>
356 <td colspan=3 align=left>
357 <input tabindex=7 type=checkbox name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked><label for=\"wpRemember\">$rmp</label>
358 </td></tr>
359 <tr><td colspan=3>&nbsp;</td></tr><tr>
360 <td colspan=3 align=left>
361 <p>$efl<br>
362 <input tabindex=8 type=submit name=\"wpMailmypassword\" value=\"{$mmp}\">
363 </td></tr></table>
364 </form>\n" );
365
366
367
368 }
369
370 ?>
MediaWiki Core