5 * @subpackage SpecialPage
11 function wfSpecialUserlogin() {
12 global $wgCommandLineMode;
14 if( !$wgCommandLineMode && !isset( $_COOKIE[session_name()] ) ) {
18 $form = new LoginForm( $wgRequest );
25 * @subpackage SpecialPage
33 const WRONG_PLUGIN_PASS
= 3;
38 var $mName, $mPassword, $mRetype, $mReturnTo, $mCookieCheck, $mPosted;
39 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
40 var $mLoginattempt, $mRemember, $mEmail, $mDomain, $mLanguage;
44 * @param webrequest $request A webrequest object passed by reference
46 function LoginForm( &$request ) {
47 global $wgLang, $wgAllowRealName, $wgEnableEmail;
50 $this->mType
= $request->getText( 'type' );
51 $this->mName
= $request->getText( 'wpName' );
52 $this->mPassword
= $request->getText( 'wpPassword' );
53 $this->mRetype
= $request->getText( 'wpRetype' );
54 $this->mDomain
= $request->getText( 'wpDomain' );
55 $this->mReturnTo
= $request->getVal( 'returnto' );
56 $this->mCookieCheck
= $request->getVal( 'wpCookieCheck' );
57 $this->mPosted
= $request->wasPosted();
58 $this->mCreateaccount
= $request->getCheck( 'wpCreateaccount' );
59 $this->mCreateaccountMail
= $request->getCheck( 'wpCreateaccountMail' )
61 $this->mMailmypassword
= $request->getCheck( 'wpMailmypassword' )
63 $this->mLoginattempt
= $request->getCheck( 'wpLoginattempt' );
64 $this->mAction
= $request->getVal( 'action' );
65 $this->mRemember
= $request->getCheck( 'wpRemember' );
66 $this->mLanguage
= $request->getText( 'uselang' );
68 if( $wgEnableEmail ) {
69 $this->mEmail
= $request->getText( 'wpEmail' );
73 if( $wgAllowRealName ) {
74 $this->mRealName
= $request->getText( 'wpRealName' );
76 $this->mRealName
= '';
79 if( !$wgAuth->validDomain( $this->mDomain
) ) {
80 $this->mDomain
= 'invaliddomain';
82 $wgAuth->setDomain( $this->mDomain
);
84 # When switching accounts, it sucks to get automatically logged out
85 if( $this->mReturnTo
== $wgLang->specialPage( 'Userlogout' ) ) {
86 $this->mReturnTo
= '';
91 if ( !is_null( $this->mCookieCheck
) ) {
92 $this->onCookieRedirectCheck( $this->mCookieCheck
);
94 } else if( $this->mPosted
) {
95 if( $this->mCreateaccount
) {
96 return $this->addNewAccount();
97 } else if ( $this->mCreateaccountMail
) {
98 return $this->addNewAccountMailPassword();
99 } else if ( $this->mMailmypassword
) {
100 return $this->mailPassword();
101 } else if ( ( 'submitlogin' == $this->mAction
) ||
$this->mLoginattempt
) {
102 return $this->processLogin();
105 $this->mainLoginForm( '' );
111 function addNewAccountMailPassword() {
114 if ('' == $this->mEmail
) {
115 $this->mainLoginForm( wfMsg( 'noemail', htmlspecialchars( $this->mName
) ) );
119 $u = $this->addNewaccountInternal();
126 $result = $this->mailPasswordInternal($u);
128 wfRunHooks( 'AddNewAccount', array( $u ) );
130 $wgOut->setPageTitle( wfMsg( 'accmailtitle' ) );
131 $wgOut->setRobotpolicy( 'noindex,nofollow' );
132 $wgOut->setArticleRelated( false );
134 if( WikiError
::isError( $result ) ) {
135 $this->mainLoginForm( wfMsg( 'mailerror', $result->getMessage() ) );
137 $wgOut->addWikiText( wfMsg( 'accmailtext', $u->getName(), $u->getEmail() ) );
138 $wgOut->returnToMain( false );
147 function addNewAccount() {
148 global $wgUser, $wgEmailAuthentication;
150 # Create the account and abort if there's a problem doing so
151 $u = $this->addNewAccountInternal();
155 # If we showed up language selection links, and one was in use, be
156 # smart (and sensible) and save that language as the user's preference
157 global $wgLoginLanguageSelector;
158 if( $wgLoginLanguageSelector && $this->mLanguage
)
159 $u->setOption( 'language', $this->mLanguage
);
161 # Save user settings and send out an email authentication message if needed
163 if( $wgEmailAuthentication && User
::isValidEmailAddr( $u->getEmail() ) )
164 $u->sendConfirmationMail();
166 # If not logged in, assume the new account as the current one and set session cookies
167 # then show a "welcome" message or a "need cookies" message as needed
168 if( $wgUser->isAnon() ) {
170 $wgUser->setCookies();
171 wfRunHooks( 'AddNewAccount', array( $wgUser ) );
172 if( $this->hasSessionCookie() ) {
173 return $this->successfulLogin( wfMsg( 'welcomecreation', $wgUser->getName() ), false );
175 return $this->cookieRedirectCheck( 'new' );
178 # Confirm that the account was created
180 $skin = $wgUser->getSkin();
181 $self = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
182 $wgOut->setPageTitle( wfMsgHtml( 'accountcreated' ) );
183 $wgOut->setArticleRelated( false );
184 $wgOut->setRobotPolicy( 'noindex,nofollow' );
185 $wgOut->addHtml( wfMsgWikiHtml( 'accountcreatedtext', $u->getName() ) );
186 $wgOut->returnToMain( $self->getPrefixedText() );
187 wfRunHooks( 'AddNewAccount', array( $u ) );
195 function addNewAccountInternal() {
196 global $wgUser, $wgOut;
197 global $wgEnableSorbs, $wgProxyWhitelist;
198 global $wgMemc, $wgAccountCreationThrottle, $wgDBname;
199 global $wgAuth, $wgMinimalPasswordLength;
201 // If the user passes an invalid domain, something is fishy
202 if( !$wgAuth->validDomain( $this->mDomain
) ) {
203 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
207 // If we are not allowing users to login locally, we should
208 // be checking to see if the user is actually able to
209 // authenticate to the authentication server before they
210 // create an account (otherwise, they can create a local account
211 // and login as any domain user). We only need to check this for
212 // domains that aren't local.
213 if( 'local' != $this->mDomain
&& '' != $this->mDomain
) {
214 if( !$wgAuth->canCreateAccounts() && ( !$wgAuth->userExists( $this->mName
) ||
!$wgAuth->authenticate( $this->mName
, $this->mPassword
) ) ) {
215 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
220 if ( wfReadOnly() ) {
221 $wgOut->readOnlyPage();
225 if (!$wgUser->isAllowedToCreateAccount()) {
226 $this->userNotPrivilegedMessage();
231 if ( $wgEnableSorbs && !in_array( $ip, $wgProxyWhitelist ) &&
232 $wgUser->inSorbsBlacklist( $ip ) )
234 $this->mainLoginForm( wfMsg( 'sorbs_create_account_reason' ) . ' (' . htmlspecialchars( $ip ) . ')' );
238 $name = trim( $this->mName
);
239 $u = User
::newFromName( $name );
240 if ( is_null( $u ) ||
!User
::isCreatableName( $u->getName() ) ) {
241 $this->mainLoginForm( wfMsg( 'noname' ) );
245 if ( 0 != $u->idForName() ) {
246 $this->mainLoginForm( wfMsg( 'userexists' ) );
250 if ( 0 != strcmp( $this->mPassword
, $this->mRetype
) ) {
251 $this->mainLoginForm( wfMsg( 'badretype' ) );
255 if ( !$wgUser->isValidPassword( $this->mPassword
) ) {
256 $this->mainLoginForm( wfMsg( 'passwordtooshort', $wgMinimalPasswordLength ) );
260 if ( $wgAccountCreationThrottle ) {
261 $key = $wgDBname.':acctcreate:ip:'.$ip;
262 $value = $wgMemc->incr( $key );
264 $wgMemc->set( $key, 1, 86400 );
266 if ( $value > $wgAccountCreationThrottle ) {
267 $this->throttleHit( $wgAccountCreationThrottle );
273 if( !wfRunHooks( 'AbortNewAccount', array( $u, &$abortError ) ) ) {
274 // Hook point to add extra creation throttles and blocks
275 wfDebug( "LoginForm::addNewAccountInternal: a hook blocked creation\n" );
276 $this->mainLoginForm( $abortError );
280 if( !$wgAuth->addUser( $u, $this->mPassword
) ) {
281 $this->mainLoginForm( wfMsg( 'externaldberror' ) );
286 $ssUpdate = new SiteStatsUpdate( 0, 0, 0, 0, 1 );
287 $ssUpdate->doUpdate();
289 return $this->initUser( $u );
293 * Actually add a user to the database.
294 * Give it a User object that has been initialised with a name.
296 * @param $u User object.
297 * @return User object.
300 function &initUser( &$u ) {
302 $u->setPassword( $this->mPassword
);
303 $u->setEmail( $this->mEmail
);
304 $u->setRealName( $this->mRealName
);
308 $wgAuth->initUser( $u );
310 $u->setOption( 'rememberpassword', $this->mRemember ?
1 : 0 );
319 function authenticateUserData()
321 global $wgUser, $wgAuth;
322 if ( '' == $this->mName
) {
323 return self
::NO_NAME
;
325 $u = User
::newFromName( $this->mName
);
326 if( is_null( $u ) ||
!User
::isUsableName( $u->getName() ) ) {
327 return self
::ILLEGAL
;
329 if ( 0 == $u->getID() ) {
332 * If the external authentication plugin allows it,
333 * automatically create a new account for users that
334 * are externally defined but have not yet logged in.
336 if ( $wgAuth->autoCreate() && $wgAuth->userExists( $u->getName() ) ) {
337 if ( $wgAuth->authenticate( $u->getName(), $this->mPassword
) ) {
338 $u =& $this->initUser( $u );
340 return self
::WRONG_PLUGIN_PASS
;
343 return self
::NOT_EXISTS
;
346 $u->loadFromDatabase();
349 if (!$u->checkPassword( $this->mPassword
)) {
350 return '' == $this->mPassword ? self
::EMPTY_PASS
: self
::WRONG_PASS
;
354 $wgAuth->updateUser( $u );
357 return self
::SUCCESS
;
361 function processLogin() {
362 global $wgUser, $wgAuth;
364 switch ($this->authenticateUserData())
367 # We've verified now, update the real record
368 $wgUser->setOption( 'rememberpassword', $this->mRemember ?
1 : 0 );
369 $wgUser->setCookies();
370 $wgUser->saveSettings();
372 if( $this->hasSessionCookie() ) {
373 return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
375 return $this->cookieRedirectCheck( 'login' );
381 $this->mainLoginForm( wfMsg( 'noname' ) );
383 case self
::WRONG_PLUGIN_PASS
:
384 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
386 case self
::NOT_EXISTS
:
387 $this->mainLoginForm( wfMsg( 'nosuchuser', htmlspecialchars( $this->mName
) ) );
389 case self
::WRONG_PASS
:
390 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
392 case self
::EMPTY_PASS
:
393 $this->mainLoginForm( wfMsg( 'wrongpasswordempty' ) );
396 wfDebugDieBacktrace( "Unhandled case value" );
403 function mailPassword() {
404 global $wgUser, $wgOut;
406 # Check against the rate limiter
407 if( $wgUser->pingLimiter( 'mailpassword' ) ) {
408 $wgOut->rateLimited();
412 if ( '' == $this->mName
) {
413 $this->mainLoginForm( wfMsg( 'noname' ) );
416 $u = User
::newFromName( $this->mName
);
417 if( is_null( $u ) ) {
418 $this->mainLoginForm( wfMsg( 'noname' ) );
421 if ( 0 == $u->getID() ) {
422 $this->mainLoginForm( wfMsg( 'nosuchuser', $u->getName() ) );
426 $u->loadFromDatabase();
428 $result = $this->mailPasswordInternal( $u );
429 if( WikiError
::isError( $result ) ) {
430 $this->mainLoginForm( wfMsg( 'mailerror', $result->getMessage() ) );
432 $this->mainLoginForm( wfMsg( 'passwordsent', $u->getName() ), 'success' );
438 * @return mixed true on success, WikiError on failure
441 function mailPasswordInternal( $u ) {
442 global $wgCookiePath, $wgCookieDomain, $wgCookiePrefix, $wgCookieSecure;
443 global $wgServer, $wgScript;
445 if ( '' == $u->getEmail() ) {
446 return new WikiError( wfMsg( 'noemail', $u->getName() ) );
449 $np = $u->randomPassword();
450 $u->setNewpassword( $np );
452 setcookie( "{$wgCookiePrefix}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
457 if ( '' == $ip ) { $ip = '(Unknown)'; }
459 $m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np, $wgServer . $wgScript );
461 $result = $u->sendMail( wfMsg( 'passwordremindertitle' ), $m );
467 * @param string $msg Message that will be shown on success
468 * @param bool $auto Toggle auto-redirect to main page; default true
471 function successfulLogin( $msg, $auto = true ) {
475 # Run any hooks; ignore results
477 wfRunHooks('UserLoginComplete', array(&$wgUser));
479 $wgOut->setPageTitle( wfMsg( 'loginsuccesstitle' ) );
480 $wgOut->setRobotpolicy( 'noindex,nofollow' );
481 $wgOut->setArticleRelated( false );
482 $wgOut->addWikiText( $msg );
483 if ( !empty( $this->mReturnTo
) ) {
484 $wgOut->returnToMain( $auto, $this->mReturnTo
);
486 $wgOut->returnToMain( $auto );
491 function userNotPrivilegedMessage() {
494 $wgOut->setPageTitle( wfMsg( 'whitelistacctitle' ) );
495 $wgOut->setRobotpolicy( 'noindex,nofollow' );
496 $wgOut->setArticleRelated( false );
498 $wgOut->addWikiText( wfMsg( 'whitelistacctext' ) );
500 $wgOut->returnToMain( false );
504 function userBlockedMessage() {
507 # Let's be nice about this, it's likely that this feature will be used
508 # for blocking large numbers of innocent people, e.g. range blocks on
509 # schools. Don't blame it on the user. There's a small chance that it
510 # really is the user's fault, i.e. the username is blocked and they
511 # haven't bothered to log out before trying to create an account to
512 # evade it, but we'll leave that to their guilty conscience to figure
515 $wgOut->setPageTitle( wfMsg( 'cantcreateaccounttitle' ) );
516 $wgOut->setRobotpolicy( 'noindex,nofollow' );
517 $wgOut->setArticleRelated( false );
520 $wgOut->addWikiText( wfMsg( 'cantcreateaccounttext', $ip ) );
521 $wgOut->returnToMain( false );
527 function mainLoginForm( $msg, $msgtype = 'error' ) {
528 global $wgUser, $wgOut, $wgAllowRealName, $wgEnableEmail;
529 global $wgCookiePrefix, $wgAuth, $wgLoginLanguageSelector;
531 if ( $this->mType
== 'signup' ) {
532 if ( !$wgUser->isAllowed( 'createaccount' ) ) {
533 $this->userNotPrivilegedMessage();
535 } elseif ( $wgUser->isBlockedFromCreateAccount() ) {
536 $this->userBlockedMessage();
541 if ( '' == $this->mName
) {
542 if ( $wgUser->isLoggedIn() ) {
543 $this->mName
= $wgUser->getName();
545 $this->mName
= @$_COOKIE[$wgCookiePrefix.'UserName'];
549 $titleObj = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
551 if ( $this->mType
== 'signup' ) {
552 $template = new UsercreateTemplate();
553 $q = 'action=submitlogin&type=signup';
554 $linkq = 'type=login';
555 $linkmsg = 'gotaccount';
557 $template = new UserloginTemplate();
558 $q = 'action=submitlogin&type=login';
559 $linkq = 'type=signup';
560 $linkmsg = 'nologin';
563 if ( !empty( $this->mReturnTo
) ) {
564 $returnto = '&returnto=' . wfUrlencode( $this->mReturnTo
);
569 # Pass any language selection on to the mode switch link
570 if( $wgLoginLanguageSelector && $this->mLanguage
)
571 $linkq .= '&uselang=' . $this->mLanguage
;
573 $link = '<a href="' . htmlspecialchars ( $titleObj->getLocalUrl( $linkq ) ) . '">';
574 $link .= wfMsgHtml( $linkmsg . 'link' );
577 # Don't show a "create account" link if the user can't
578 if( $this->showCreateOrLoginLink( $wgUser ) )
579 $template->set( 'link', wfMsgHtml( $linkmsg, $link ) );
581 $template->set( 'link', '' );
583 $template->set( 'header', '' );
584 $template->set( 'name', $this->mName
);
585 $template->set( 'password', $this->mPassword
);
586 $template->set( 'retype', $this->mRetype
);
587 $template->set( 'email', $this->mEmail
);
588 $template->set( 'realname', $this->mRealName
);
589 $template->set( 'domain', $this->mDomain
);
591 $template->set( 'action', $titleObj->getLocalUrl( $q ) );
592 $template->set( 'message', $msg );
593 $template->set( 'messagetype', $msgtype );
594 $template->set( 'createemail', $wgEnableEmail && $wgUser->isLoggedIn() );
595 $template->set( 'userealname', $wgAllowRealName );
596 $template->set( 'useemail', $wgEnableEmail );
597 $template->set( 'remember', $wgUser->getOption( 'rememberpassword' ) or $this->mRemember
);
599 # Prepare language selection links as needed
600 if( $wgLoginLanguageSelector ) {
601 $template->set( 'languages', $this->makeLanguageSelector() );
602 if( $this->mLanguage
)
603 $template->set( 'uselang', $this->mLanguage
);
606 // Give authentication and captcha plugins a chance to modify the form
607 $wgAuth->modifyUITemplate( $template );
608 if ( $this->mType
== 'signup' ) {
609 wfRunHooks( 'UserCreateForm', array( &$template ) );
611 wfRunHooks( 'UserLoginForm', array( &$template ) );
614 $wgOut->setPageTitle( wfMsg( 'userlogin' ) );
615 $wgOut->setRobotpolicy( 'noindex,nofollow' );
616 $wgOut->setArticleRelated( false );
617 $wgOut->addTemplate( $template );
623 function showCreateOrLoginLink( &$user ) {
624 if( $this->mType
== 'signup' ) {
626 } elseif( $user->isAllowed( 'createaccount' ) ) {
636 function hasSessionCookie() {
637 global $wgDisableCookieCheck;
638 return ( $wgDisableCookieCheck ) ?
true : ( isset( $_COOKIE[session_name()] ) );
644 function cookieRedirectCheck( $type ) {
647 $titleObj = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
648 $check = $titleObj->getFullURL( 'wpCookieCheck='.$type );
650 return $wgOut->redirect( $check );
656 function onCookieRedirectCheck( $type ) {
659 if ( !$this->hasSessionCookie() ) {
660 if ( $type == 'new' ) {
661 return $this->mainLoginForm( wfMsg( 'nocookiesnew' ) );
662 } else if ( $type == 'login' ) {
663 return $this->mainLoginForm( wfMsg( 'nocookieslogin' ) );
666 return $this->mainLoginForm( wfMsg( 'error' ) );
669 return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
676 function throttleHit( $limit ) {
679 $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );
683 * Produce a bar of links which allow the user to select another language
684 * during login/registration but retain "returnto"
688 function makeLanguageSelector() {
689 $msg = wfMsgForContent( 'loginlanguagelinks' );
690 if( $msg != '' && !wfEmptyMsg( 'loginlanguagelinks', $msg ) ) {
691 $langs = explode( "\n", $msg );
693 foreach( $langs as $lang ) {
694 $lang = trim( $lang, '* ' );
695 $parts = explode( '|', $lang );
696 $links[] = $this->makeLanguageSelectorLink( $parts[0], $parts[1] );
698 return count( $links ) > 0 ?
wfMsgHtml( 'loginlanguagelabel', implode( ' | ', $links ) ) : '';
705 * Create a language selector link for a particular language
706 * Links back to this page preserving type and returnto
708 * @param $text Link text
709 * @param $lang Language code
711 function makeLanguageSelectorLink( $text, $lang ) {
713 $self = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
714 $attr[] = 'uselang=' . $lang;
715 if( $this->mType
== 'signup' )
716 $attr[] = 'type=signup';
717 if( $this->mReturnTo
)
718 $attr[] = 'returnto=' . $this->mReturnTo
;
719 $skin =& $wgUser->getSkin();
720 return $skin->makeKnownLinkObj( $self, htmlspecialchars( $text ), implode( '&', $attr ) );