5 * @subpackage SpecialPage
11 require_once('UserMailer.php');
16 function wfSpecialUserlogin() {
17 global $wgCommandLineMode;
19 if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
23 $form = new LoginForm( $wgRequest );
30 * @subpackage SpecialPage
33 var $mName, $mPassword, $mRetype, $mReturnto, $mCookieCheck, $mPosted;
34 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
35 var $mLoginattempt, $mRemember, $mEmail;
37 function LoginForm( &$request ) {
38 global $wgLang, $wgAllowRealName;
40 $this->mName
= $request->getText( 'wpName' );
41 $this->mPassword
= $request->getText( 'wpPassword' );
42 $this->mRetype
= $request->getText( 'wpRetype' );
43 $this->mReturnto
= $request->getVal( 'returnto' );
44 $this->mCookieCheck
= $request->getVal( "wpCookieCheck" );
45 $this->mPosted
= $request->wasPosted();
46 $this->mCreateaccount
= $request->getCheck( 'wpCreateaccount' );
47 $this->mCreateaccountMail
= $request->getCheck( 'wpCreateaccountMail' );
48 $this->mMailmypassword
= $request->getCheck( 'wpMailmypassword' );
49 $this->mLoginattempt
= $request->getCheck( 'wpLoginattempt' );
50 $this->mAction
= $request->getVal( 'action' );
51 $this->mRemember
= $request->getCheck( 'wpRemember' );
52 $this->mEmail
= $request->getText( 'wpEmail' );
53 if ($wgAllowRealName) {
54 $this->mRealName
= $request->getText( 'wpRealName' );
56 $this->mRealName
= '';
59 # When switching accounts, it sucks to get automatically logged out
60 if( $this->mReturnto
== $wgLang->specialPage( "Userlogout" ) ) {
61 $this->mReturnto
= "";
66 if ( !is_null( $this->mCookieCheck
) ) {
67 $this->onCookieRedirectCheck( $this->mCookieCheck
);
69 } else if( $this->mPosted
) {
70 if( $this->mCreateaccount
) {
71 return $this->addNewAccount();
72 } else if ( $this->mCreateaccountMail
) {
73 return $this->addNewAccountMailPassword();
74 } else if ( $this->mMailmypassword
) {
75 return $this->mailPassword();
76 } else if ( ( "submit" == $this->mAction
) ||
$this->mLoginattempt
) {
77 return $this->processLogin();
80 $this->mainLoginForm( "" );
86 function addNewAccountMailPassword() {
89 if ("" == $this->mEmail
) {
90 $this->mainLoginForm( wfMsg( "noemail", $this->mName
) );
94 $u = $this->addNewaccountInternal();
101 $error = $this->mailPasswordInternal($u);
103 $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
104 $wgOut->setRobotpolicy( "noindex,nofollow" );
105 $wgOut->setArticleRelated( false );
107 if ( $error === "" ) {
108 $wgOut->addWikiText( wfMsg( "accmailtext", $u->getName(), $u->getEmail() ) );
109 $wgOut->returnToMain( false );
111 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
121 function addNewAccount() {
122 global $wgUser, $wgOut;
123 global $wgDeferredUpdateList;
125 $u = $this->addNewAccountInternal();
132 $wgUser->setCookies();
134 $up = new UserUpdate();
135 array_push( $wgDeferredUpdateList, $up );
137 if( $this->hasSessionCookie() ) {
138 return $this->successfulLogin( wfMsg( "welcomecreation", $wgUser->getName() ) );
140 return $this->cookieRedirectCheck( "new" );
148 function addNewAccountInternal() {
149 global $wgUser, $wgOut;
150 global $wgMaxNameChars;
151 global $wgMemc, $wgAccountCreationThrottle, $wgDBname, $wgIP;
153 if (!$wgUser->isAllowedToCreateAccount()) {
154 $this->userNotPrivilegedMessage();
158 if ( 0 != strcmp( $this->mPassword
, $this->mRetype
) ) {
159 $this->mainLoginForm( wfMsg( "badretype" ) );
163 $name = trim( $this->mName
);
164 $u = User
::newFromName( $name );
165 if ( ( "" == $name ) ||
166 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name ) ||
167 (strpos( $name, "/" ) !== false) ||
168 (strlen( $name ) > $wgMaxNameChars) ||
169 ucFirst($name) != $u->getName() )
171 $this->mainLoginForm( wfMsg( "noname" ) );
174 if ( wfReadOnly() ) {
175 $wgOut->readOnlyPage();
179 if ( 0 != $u->idForName() ) {
180 $this->mainLoginForm( wfMsg( "userexists" ) );
184 if ( $wgAccountCreationThrottle ) {
185 $key = "$wgDBname:acctcreate:ip:$wgIP";
186 $value = $wgMemc->incr( $key );
188 $wgMemc->set( $key, 1, 86400 );
190 if ( $value > $wgAccountCreationThrottle ) {
191 $this->throttleHit( $wgAccountCreationThrottle );
197 $u->setPassword( $this->mPassword
);
198 $u->setEmail( $this->mEmail
);
199 $u->setRealName( $this->mRealName
);
201 if ( $this->mRemember
) { $r = 1; }
203 $u->setOption( "rememberpassword", $r );
211 function processLogin() {
213 global $wgDeferredUpdateList;
215 if ( "" == $this->mName
) {
216 $this->mainLoginForm( wfMsg( "noname" ) );
219 $u = User
::newFromName( $this->mName
);
220 $id = $u->idForName();
222 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
226 $u->loadFromDatabase();
227 if (!$u->checkPassword( $this->mPassword
)) {
228 $this->mainLoginForm( wfMsg( "wrongpassword" ) );
232 # We've verified now, update the real record
234 if ( $this->mRemember
) {
236 $u->setCookiePassword( $this->mPassword
);
240 $u->setOption( "rememberpassword", $r );
243 $wgUser->setCookies();
245 $up = new UserUpdate();
246 array_push( $wgDeferredUpdateList, $up );
248 if( $this->hasSessionCookie() ) {
249 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
251 return $this->cookieRedirectCheck( "login" );
258 function mailPassword() {
259 global $wgUser, $wgDeferredUpdateList, $wgOutputEncoding;
260 global $wgCookiePath, $wgCookieDomain, $wgDBname;
262 if ( "" == $this->mName
) {
263 $this->mainLoginForm( wfMsg( "noname" ) );
266 $u = User
::newFromName( $this->mName
);
267 $id = $u->idForName();
269 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
273 $u->loadFromDatabase();
275 $error = $this->mailPasswordInternal( $u );
277 $this->mainLoginForm( wfMsg( "passwordsent", $u->getName() ) );
279 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
288 function mailPasswordInternal( $u ) {
289 global $wgDeferredUpdateList, $wgOutputEncoding;
290 global $wgPasswordSender, $wgDBname, $wgIP;
291 global $wgCookiePath, $wgCookieDomain;
293 if ( "" == $u->getEmail() ) {
294 $this->mainLoginForm( wfMsg( "noemail", $u->getName() ) );
297 $np = User
::randomPassword();
298 $u->setNewpassword( $np );
300 setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
304 if ( "" == $ip ) { $ip = "(Unknown)"; }
306 $m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );
308 $error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( "passwordremindertitle" ), $m );
317 function successfulLogin( $msg ) {
319 global $wgDeferredUpdateList;
322 $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
323 $wgOut->setRobotpolicy( "noindex,nofollow" );
324 $wgOut->setArticleRelated( false );
325 $wgOut->addWikiText( $msg );
326 $wgOut->returnToMain();
329 function userNotPrivilegedMessage() {
330 global $wgOut, $wgUser, $wgLang;
332 $wgOut->setPageTitle( wfMsg( "whitelistacctitle" ) );
333 $wgOut->setRobotpolicy( "noindex,nofollow" );
334 $wgOut->setArticleRelated( false );
336 $wgOut->addWikiText( wfMsg( "whitelistacctext" ) );
338 $wgOut->returnToMain( false );
344 function mainLoginForm( $err ) {
345 global $wgUser, $wgOut, $wgLang;
346 global $wgDBname, $wgAllowRealName;
348 $le = wfMsg( "loginerror" );
349 $yn = wfMsg( "yourname" );
350 $yp = wfMsg( "yourpassword" );
351 $ypa = wfMsg( "yourpasswordagain" );
352 $rmp = wfMsg( "remembermypassword" );
353 $nuo = wfMsg( "newusersonly" );
354 $li = wfMsg( "login" );
355 $ca = wfMsg( "createaccount" );
356 $cam = wfMsg( "createaccountmail" );
357 $ye = wfMsg( "youremail" );
358 if ($wgAllowRealName) {
359 $yrn = wfMsg( "yourrealname" );
363 $efl = wfMsg( "emailforlost" );
364 $mmp = wfMsg( "mailmypassword" );
365 $endText = wfMsg( "loginend" );
367 if ( $endText = "<loginend>" ) {
371 if ( "" == $this->mName
) {
372 if ( 0 != $wgUser->getID() ) {
373 $this->mName
= $wgUser->getName();
375 $this->mName
= @$_COOKIE["{$wgDBname}UserName"];
379 $wgOut->setPageTitle( wfMsg( "userlogin" ) );
380 $wgOut->setRobotpolicy( "noindex,nofollow" );
381 $wgOut->setArticleRelated( false );
384 $lp = wfMsg( "loginprompt" );
385 $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
387 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
388 color='red'>$err</font>\n" );
390 if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
391 $checked = " checked";
396 $q = "action=submit";
397 if ( !empty( $this->mReturnto
) ) {
398 $q .= "&returnto=" . wfUrlencode( $this->mReturnto
);
401 $titleObj = Title
::makeTitle( NS_SPECIAL
, "Userlogin" );
402 $action = $titleObj->escapeLocalUrl( $q );
404 $encName = htmlspecialchars( $this->mName
);
405 $encPassword = htmlspecialchars( $this->mPassword
);
406 $encRetype = htmlspecialchars( $this->mRetype
);
407 $encEmail = htmlspecialchars( $this->mEmail
);
408 $encRealName = htmlspecialchars( $this->mRealName
);
410 if ($wgUser->getID() != 0) {
411 $cambutton = "<input tabindex='6' type='submit' name=\"wpCreateaccountMail\" value=\"{$cam}\" />";
417 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
418 <table border='0'><tr>
419 <td align='right'>$yn:</td>
421 <input tabindex='1' type='text' name=\"wpName\" value=\"{$encName}\" size='20' />
424 <input tabindex='3' type='submit' name=\"wpLoginattempt\" value=\"{$li}\" />
428 <td align='right'>$yp:</td>
430 <input tabindex='2' type='password' name=\"wpPassword\" value=\"{$encPassword}\" size='20' />
433 <input tabindex='7' type='checkbox' name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked /><label for=\"wpRemember\">$rmp</label>
437 if ($wgUser->isAllowedToCreateAccount()) {
438 $encRetype = htmlspecialchars( $this->mRetype
);
439 $encEmail = htmlspecialchars( $this->mEmail
);
440 $wgOut->addHTML("<tr><td colspan='3'> </td></tr><tr>
441 <td align='right'>$ypa:</td>
443 <input tabindex='4' type='password' name=\"wpRetype\" value=\"{$encRetype}\"
445 </td><td>$nuo</td></tr>
447 <td align='right'>$ye:</td>
449 <input tabindex='6' type='text' name=\"wpEmail\" value=\"{$encEmail}\" size='20' />
452 if ($wgAllowRealName) {
453 $wgOut->addHTML("<td> </td>
455 <td align='right'>$yrn:</td>
457 <input tabindex='6' type='text' name=\"wpRealName\" value=\"{$encRealName}\" size='20' />
461 $wgOut->addHTML("<td align='left'>
462 <input tabindex='7' type='submit' name=\"wpCreateaccount\" value=\"{$ca}\" />
468 <tr><td colspan='3'> </td></tr><tr>
469 <td colspan='3' align='left'>
471 <input tabindex='8' type='submit' name=\"wpMailmypassword\" value=\"{$mmp}\" /></p>
474 $wgOut->addHTML( $endText );
480 function hasSessionCookie() {
481 global $wgDisableCookieCheck;
482 return ( $wgDisableCookieCheck ) ?
true : ( "" != $_COOKIE[session_name()] );
488 function cookieRedirectCheck( $type ) {
489 global $wgOut, $wgLang;
491 $titleObj = Title
::makeTitle( NS_SPECIAL
, "Userlogin" );
492 $check = $titleObj->getFullURL( "wpCookieCheck=$type" );
494 return $wgOut->redirect( $check );
500 function onCookieRedirectCheck( $type ) {
503 if ( !$this->hasSessionCookie() ) {
504 if ( $type == "new" ) {
505 return $this->mainLoginForm( wfMsg( "nocookiesnew" ) );
506 } else if ( $type == "login" ) {
507 return $this->mainLoginForm( wfMsg( "nocookieslogin" ) );
510 return $this->mainLoginForm( wfMsg( "error" ) );
513 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
520 function throttleHit( $limit ) {
523 $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );