search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "Whitelist the <wbr> element."
[mediawiki.git] / includes / specials / SpecialConfirmemail.php
blob3828b1c6578c9aa169c89c8312a4522f0236bec8
1 <?php
2 /**
3 * Implements Special:Confirmemail and Special:Invalidateemail
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 /**
25 * Special page allows users to request email confirmation message, and handles
26 * processing of the confirmation code when the link in the email is followed
27 *
28 * @ingroup SpecialPage
29 * @author Brion Vibber
30 * @author Rob Church <robchur@gmail.com>
31 */
32 class EmailConfirmation extends UnlistedSpecialPage {
33 public function __construct() {
34 parent::__construct( 'Confirmemail', 'editmyprivateinfo' );
35 }
36
37 /**
38 * Main execution point
39 *
40 * @param null|string $code Confirmation code passed to the page
41 */
42 function execute( $code ) {
43 $this->setHeaders();
44
45 $this->checkReadOnly();
46 $this->checkPermissions();
47
48 // This could also let someone check the current email address, so
49 // require both permissions.
50 if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
51 throw new PermissionsError( 'viewmyprivateinfo' );
52 }
53
54 if ( $code === null || $code === '' ) {
55 if ( $this->getUser()->isLoggedIn() ) {
56 if ( Sanitizer::validateEmail( $this->getUser()->getEmail() ) ) {
57 $this->showRequestForm();
58 } else {
59 $this->getOutput()->addWikiMsg( 'confirmemail_noemail' );
60 }
61 } else {
62 $llink = Linker::linkKnown(
63 SpecialPage::getTitleFor( 'Userlogin' ),
64 $this->msg( 'loginreqlink' )->escaped(),
65 array(),
66 array( 'returnto' => $this->getTitle()->getPrefixedText() )
67 );
68 $this->getOutput()->addHTML(
69 $this->msg( 'confirmemail_needlogin' )->rawParams( $llink )->parse()
70 );
71 }
72 } else {
73 $this->attemptConfirm( $code );
74 }
75 }
76
77 /**
78 * Show a nice form for the user to request a confirmation mail
79 */
80 function showRequestForm() {
81 $user = $this->getUser();
82 $out = $this->getOutput();
83
84 if ( $this->getRequest()->wasPosted() &&
85 $user->matchEditToken( $this->getRequest()->getText( 'token' ) )
86 ) {
87 $status = $user->sendConfirmationMail();
88 if ( $status->isGood() ) {
89 $out->addWikiMsg( 'confirmemail_sent' );
90 } else {
91 $out->addWikiText( $status->getWikiText( 'confirmemail_sendfailed' ) );
92 }
93 } else {
94 if ( $user->isEmailConfirmed() ) {
95 // date and time are separate parameters to facilitate localisation.
96 // $time is kept for backward compat reasons.
97 // 'emailauthenticated' is also used in SpecialPreferences.php
98 $lang = $this->getLanguage();
99 $emailAuthenticated = $user->getEmailAuthenticationTimestamp();
100 $time = $lang->userTimeAndDate( $emailAuthenticated, $user );
101 $d = $lang->userDate( $emailAuthenticated, $user );
102 $t = $lang->userTime( $emailAuthenticated, $user );
103 $out->addWikiMsg( 'emailauthenticated', $time, $d, $t );
104 }
105
106 if ( $user->isEmailConfirmationPending() ) {
107 $out->wrapWikiMsg(
108 "<div class=\"error mw-confirmemail-pending\">\n$1\n</div>",
109 'confirmemail_pending'
110 );
111 }
112
113 $out->addWikiMsg( 'confirmemail_text' );
114 $form = Html::openElement(
115 'form',
116 array( 'method' => 'post', 'action' => $this->getTitle()->getLocalURL() )
117 ) . "\n";
118 $form .= Html::hidden( 'token', $user->getEditToken() ) . "\n";
119 $form .= Xml::submitButton( $this->msg( 'confirmemail_send' )->text() ) . "\n";
120 $form .= Html::closeElement( 'form' ) . "\n";
121 $out->addHTML( $form );
122 }
123 }
124
125 /**
126 * Attempt to confirm the user's email address and show success or failure
127 * as needed; if successful, take the user to log in
128 *
129 * @param string $code Confirmation code
130 */
131 function attemptConfirm( $code ) {
132 $user = User::newFromConfirmationCode( $code );
133 if ( !is_object( $user ) ) {
134 $this->getOutput()->addWikiMsg( 'confirmemail_invalid' );
135
136 return;
137 }
138
139 $user->confirmEmail();
140 $user->saveSettings();
141 $message = $this->getUser()->isLoggedIn() ? 'confirmemail_loggedin' : 'confirmemail_success';
142 $this->getOutput()->addWikiMsg( $message );
143
144 if ( !$this->getUser()->isLoggedIn() ) {
145 $title = SpecialPage::getTitleFor( 'Userlogin' );
146 $this->getOutput()->returnToMain( true, $title );
147 }
148 }
149 }
150
151 /**
152 * Special page allows users to cancel an email confirmation using the e-mail
153 * confirmation code
154 *
155 * @ingroup SpecialPage
156 */
157 class EmailInvalidation extends UnlistedSpecialPage {
158 public function __construct() {
159 parent::__construct( 'Invalidateemail', 'editmyprivateinfo' );
160 }
161
162 function execute( $code ) {
163 $this->setHeaders();
164 $this->checkReadOnly();
165 $this->checkPermissions();
166 $this->attemptInvalidate( $code );
167 }
168
169 /**
170 * Attempt to invalidate the user's email address and show success or failure
171 * as needed; if successful, link to main page
172 *
173 * @param string $code Confirmation code
174 */
175 function attemptInvalidate( $code ) {
176 $user = User::newFromConfirmationCode( $code );
177 if ( !is_object( $user ) ) {
178 $this->getOutput()->addWikiMsg( 'confirmemail_invalid' );
179
180 return;
181 }
182
183 $user->invalidateEmail();
184 $user->saveSettings();
185 $this->getOutput()->addWikiMsg( 'confirmemail_invalidated' );
186
187 if ( !$this->getUser()->isLoggedIn() ) {
188 $this->getOutput()->returnToMain();
189 }
190 }
191 }
MediaWiki Core