AuthManager: Break AuthPlugin::addUser more explicitly
[mediawiki.git] / includes / specials / pre-authmanager / SpecialUserlogout.php
blob6d6a71404f183ab3c35065711a4a796b7377ce30
1 <?php
2 /**
3 * Implements Special:Userlogout
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
20 * @file
21 * @ingroup SpecialPage
24 /**
25 * Implements Special:Userlogout
27 * @ingroup SpecialPage
29 class SpecialUserlogoutPreAuthManager extends UnlistedSpecialPage {
30 function __construct() {
31 parent::__construct( 'Userlogout' );
34 public function doesWrites() {
35 return true;
38 function execute( $par ) {
39 /**
40 * Some satellite ISPs use broken precaching schemes that log people out straight after
41 * they're logged in (bug 17790). Luckily, there's a way to detect such requests.
43 if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], '&amp;' ) !== false ) {
44 wfDebug( "Special:Userlogout request {$_SERVER['REQUEST_URI']} looks suspicious, denying.\n" );
45 throw new HttpError( 400, $this->msg( 'suspicious-userlogout' ), $this->msg( 'loginerror' ) );
48 $this->setHeaders();
49 $this->outputHeader();
51 // Make sure it's possible to log out
52 $session = MediaWiki\Session\SessionManager::getGlobalSession();
53 if ( !$session->canSetUser() ) {
54 throw new ErrorPageError(
55 'cannotlogoutnow-title',
56 'cannotlogoutnow-text',
58 $session->getProvider()->describe( RequestContext::getMain()->getLanguage() )
63 $user = $this->getUser();
64 $oldName = $user->getName();
65 $user->logout();
67 $loginURL = SpecialPage::getTitleFor( 'Userlogin' )->getFullURL(
68 $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
70 $out = $this->getOutput();
71 $out->addWikiMsg( 'logouttext', $loginURL );
73 // Hook.
74 $injected_html = '';
75 Hooks::run( 'UserLogoutComplete', [ &$user, &$injected_html, $oldName ] );
76 $out->addHTML( $injected_html );
78 $out->returnToMain();
81 protected function getGroupName() {
82 return 'login';