3 require_once('UserMailer.php');
# Entry point for the user login special page. Dispatches on which request
# field is present: cookie check, create account, create account and mail
# the password, mail password, or a login attempt.
# NOTE(review): this listing omits some source lines (the gutter numbers
# skip), so braces and several branch bodies are not visible here.
# NOTE(review): every branch is selected from $_REQUEST, which also carries
# query-string values, and no anti-CSRF token check is visible here; confirm
# that account creation and password mail cannot be triggered cross-site.
5 function wfSpecialUserlogin()
7 global $wgCommandLineMode;
# Outside command-line mode, detects a request that carries no cookie named
# after PHP's session.name setting; the guarded statement is not visible.
8 if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
# "wpName" and "wpPassword" appear twice in this list.
12 $fields = array( "wpName", "wpPassword", "wpName",
13 "wpPassword", "wpRetype", "wpEmail" );
14 wfCleanFormFields( $fields );
16 # When switching accounts, it sucks to get automatically logged out
# NOTE(review): $wgLang is not in the visible global declaration; confirm it
# is declared on a line this listing omits.
18 if( $_REQUEST['returnto'] == $wgLang->specialPage( "Userlogout" ) ) $_REQUEST['returnto'] = "";
# A missing wpCookieCheck key yields null here, so the isset() below is false.
20 $wpCookieCheck = $_REQUEST[ "wpCookieCheck" ];
22 if ( isset( $wpCookieCheck ) ) {
23 onCookieRedirectCheck( $wpCookieCheck );
24 } else if ( isset( $_REQUEST['wpCreateaccount'] ) ) {
26 } else if ( isset( $_REQUEST['wpCreateaccountMail'] ) ) {
27 addNewAccountMailPassword();
28 } else if ( isset( $_REQUEST['wpMailmypassword'] ) ) {
30 } else if ( "submit" == $_REQUEST['action'] ||
array_key_exists('wpLoginattempt', $_REQUEST) ) {
# Creates an account, e-mails its password to the supplied address and shows
# a confirmation page.
# NOTE(review): $wgOut is used below but its global declaration is not in the
# visible lines; presumably it sits on a line this listing omits.
38 /* private */ function addNewAccountMailPassword()
# An e-mail address is mandatory on this path; without one the login form is
# re-shown with the "noemail" message.
# NOTE(review): the raw wpName request value is substituted into a message
# that mainLoginForm() writes out as HTML; confirm it is escaped before output.
42 if ("" == $_REQUEST['wpEmail']) {
43 mainLoginForm( wfMsg( "noemail", $_REQUEST['wpName'] ) );
# PHP function names are case-insensitive, so this resolves to
# addNewAccountInternal().
47 $u = addNewaccountInternal();
# Loose comparison: besides NULL this also matches "", 0 and false.
54 if (mailPasswordInternal($u) == NULL) {
58 $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
59 $wgOut->setRobotpolicy( "noindex,nofollow" );
60 $wgOut->setArticleRelated( false );
# NOTE(review): the name and e-mail shown here originate from the request;
# confirm the message substitution cannot be used to inject wikitext.
62 $wgOut->addWikiText( wfMsg( "accmailtext", $u->getName(), $u->getEmail() ) );
63 $wgOut->returnToMain( false );
# Creates a new account from the submitted form and finishes as a login:
# sets cookies, queues a UserUpdate, then shows the welcome page or starts
# the cookie check.
69 /* private */ function addNewAccount()
71 global $wgUser, $wgOut;
72 global $wgDeferredUpdateList;
74 $u = addNewAccountInternal();
# NOTE(review): the lines between account creation and setCookies() are not
# visible here; presumably they handle a failed creation and switch $wgUser
# to the new account — confirm.
81 $wgUser->setCookies();
# Queue a UserUpdate on the deferred update list.
83 $up = new UserUpdate();
84 array_push( $wgDeferredUpdateList, $up );
# With a session cookie present the welcome message is shown directly;
# the other visible exit redirects with check type "new".
86 if( hasSessionCookie() ) {
87 return successfulLogin( wfMsg( "welcomecreation", $wgUser->getName() ) );
89 return cookieRedirectCheck( "new" );
# Validates the account-creation form and builds the new User object:
# permission check, password/retype match, name rules, read-only check,
# name-collision check, then password, e-mail and remember option.
# NOTE(review): no minimum password length or strength rule and no e-mail
# format validation are visible in this listing.
94 /* private */ function addNewAccountInternal()
96 global $wgUser, $wgOut;
97 global $wgMaxNameChars;
99 if (!$wgUser->isAllowedToCreateAccount()) {
100 userNotPrivilegedMessage();
# NOTE(review): strcmp() expects strings; confirm the request values are
# forced to strings upstream, since a non-string argument makes the result
# of this comparison unreliable on older PHP versions.
104 if ( 0 != strcmp( $_REQUEST['wpPassword'], $_REQUEST['wpRetype'] ) ) {
105 mainLoginForm( wfMsg( "badretype" ) );
# Name rules: not empty after trim, no dotted-quad substring anywhere in the
# name (the pattern is unanchored), no "/", and at most $wgMaxNameChars bytes
# (strlen counts bytes, not characters).
# The dotted-quad rule presumably keeps account names distinct from IP
# addresses — confirm against how anonymous users are named.
109 $name = trim( $_REQUEST['wpName'] );
110 if ( ( "" == $name ) ||
111 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name ) ||
112 (strpos( $name, "/" ) !== false) ||
113 (strlen( $name ) > $wgMaxNameChars) )
115 mainLoginForm( wfMsg( "noname" ) );
118 if ( wfReadOnly() ) {
119 $wgOut->readOnlyPage();
122 $u = User
::newFromName( $name );
# A non-zero id means the name is already registered.
124 if ( 0 != $u->idForName() ) {
125 mainLoginForm( wfMsg( "userexists" ) );
129 $u->setPassword( $_REQUEST['wpPassword'] );
130 $u->setEmail( $_REQUEST['wpEmail'] );
# NOTE(review): only the assignment $r = 1 is visible; confirm an omitted
# line sets $r when the box is unchecked, otherwise $r is undefined below.
131 if ( 1 == $_REQUEST['wpRemember'] ) { $r = 1; }
133 $u->setOption( "rememberpassword", $r );
# Handles a login attempt: looks the user up by name, checks the submitted
# password, stores the remember-me choice, sets cookies and finishes with
# the success page or the cookie check.
# NOTE(review): no attempt throttling or lockout is visible in this listing.
141 /* private */ function processLogin()
144 global $wgDeferredUpdateList;
146 if ( "" == $_REQUEST['wpName'] ) {
147 mainLoginForm( wfMsg( "noname" ) );
150 $u = User
::newFromName( $_REQUEST['wpName'] );
151 $id = $u->idForName();
# Separate "nosuchuser" and "wrongpassword" messages let a client tell
# whether an account name exists; one generic failure message avoids that.
153 mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
157 $u->loadFromDatabase();
# The submitted password is transformed by encryptPassword() and compared
# with the stored password and then with the "new password" value (the one
# mailPasswordInternal() sets through setNewpassword()); either match passes.
# strcmp() is not a constant-time comparison; hash_equals() is the
# timing-safe alternative where the PHP version provides it.
158 $ep = $u->encryptPassword( $_REQUEST['wpPassword'] );
159 if ( 0 != strcmp( $ep, $u->getPassword() ) ) {
160 if ( 0 != strcmp( $ep, $u->getNewpassword() ) ) {
161 mainLoginForm( wfMsg( "wrongpassword" ) );
166 # We've verified now, update the real record
168 if ( 1 == $_REQUEST['wpRemember'] ) {
# NOTE(review): the submitted password is handed to setCookiePassword();
# confirm what is stored client-side and that it cannot be reversed to, or
# replayed as, the account password.
170 $u->setCookiePassword( $_REQUEST['wpPassword'] );
# NOTE(review): the assignments to $r and the switch of $wgUser to $u are
# not visible in this listing.
174 $u->setOption( "rememberpassword", $r );
177 $wgUser->setCookies();
179 $up = new UserUpdate();
180 array_push( $wgDeferredUpdateList, $up );
182 if( hasSessionCookie() ) {
183 return successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
185 return cookieRedirectCheck( "login" );
# Handles the "mail my password" button: looks up the named user and mails
# them a newly generated password through mailPasswordInternal().
# NOTE(review): no authentication, throttle or anti-CSRF check is visible
# here, so any client could cause mail to be sent for any account name;
# confirm rate limiting exists elsewhere.
189 /* private */ function mailPassword()
# $wgCookiePath and $wgCookieDomain are declared here but not used in the
# visible lines of this function.
191 global $wgUser, $wgDeferredUpdateList, $wgOutputEncoding;
192 global $wgCookiePath, $wgCookieDomain, $wgDBname;
194 if ( "" == $_REQUEST['wpName'] ) {
195 mainLoginForm( wfMsg( "noname" ) );
198 $u = User
::newFromName( $_REQUEST['wpName'] );
199 $id = $u->idForName();
# "nosuchuser" here versus "passwordsent" below tells the requester whether
# the account name exists.
201 mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
205 $u->loadFromDatabase();
# Loose comparison: besides NULL this also matches "", 0 and false.
207 if (mailPasswordInternal($u) == NULL) {
211 mainLoginForm( wfMsg( "passwordsent", $u->getName() ) );
# Generates a random password for $u, stores it through setNewpassword(),
# expires the "{$wgDBname}Password" cookie and mails the password to the
# user's address. Callers compare the result with NULL; the return
# statements are not visible in this listing.
215 /* private */ function mailPasswordInternal( $u )
217 global $wgDeferredUpdateList, $wgOutputEncoding;
218 global $wgPasswordSender, $wgDBname, $wgIP;
220 if ( "" == $u->getEmail() ) {
221 mainLoginForm( wfMsg( "noemail", $u->getName() ) );
224 $np = User
::randomPassword();
225 $u->setNewpassword( $np );
# Expires the password cookie by giving it a timestamp one hour in the past.
# NOTE(review): $wgCookiePath and $wgCookieDomain are not in the visible
# global declarations of this function; unless an omitted line declares
# them they are undefined here, and the expiry may not match the path and
# domain the cookie was originally set with.
227 setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
# NOTE(review): the assignment to $ip is not visible; presumably taken from
# $wgIP — confirm.
231 if ( "" == $ip ) { $ip = "(Unknown)"; }
# The message body carries the requester IP, the user name and the new
# password in clear text, so anyone able to read the mail can log in.
233 $m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );
235 userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( "passwordremindertitle" ), $m );
# Renders the post-login page: sets the title and robots policy, prints
# $msg and adds the return-to-main link.
# NOTE(review): $wgOut is used below but its global declaration is not in
# the visible lines.
244 /* private */ function successfulLogin( $msg )
247 global $wgDeferredUpdateList;
250 $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
251 $wgOut->setRobotpolicy( "noindex,nofollow" );
252 $wgOut->setArticleRelated( false );
# $msg is written as raw HTML. The callers in this file pass wfMsg() output
# that includes the user name; confirm that value is escaped or cannot
# contain HTML metacharacters.
253 $wgOut->addHTML( $msg . "\n<p>" );
254 $wgOut->returnToMain();
# Shows the page explaining that the current user may not create accounts:
# "whitelistacctitle" as title, "whitelistacctext" as wikitext body, then a
# return-to-main link.
257 function userNotPrivilegedMessage()
259 global $wgOut, $wgUser, $wgLang;
261 $wgOut->setPageTitle( wfMsg( "whitelistacctitle" ) );
# Keeps the page out of search indexes.
262 $wgOut->setRobotpolicy( "noindex,nofollow" );
263 $wgOut->setArticleRelated( false );
265 $wgOut->addWikiText( wfMsg( "whitelistacctext" ) );
267 $wgOut->returnToMain( false );
# Renders the login / create-account form, preceded by the login prompt or
# by the error text in $err, and re-fills the fields from the request.
# NOTE(review): the form posts without any anti-CSRF token field in the
# visible lines; confirm one is not needed or is added elsewhere.
270 /* private */ function mainLoginForm( $err )
272 global $wgUser, $wgOut, $wgLang;
# $HTTP_COOKIE_VARS is the deprecated long-form cookie array (removed in
# PHP 5.4); other functions in this file read $_COOKIE instead.
273 global $HTTP_COOKIE_VARS, $wgDBname;
275 $le = wfMsg( "loginerror" );
276 $yn = wfMsg( "yourname" );
277 $yp = wfMsg( "yourpassword" );
278 $ypa = wfMsg( "yourpasswordagain" );
279 $rmp = wfMsg( "remembermypassword" );
280 $nuo = wfMsg( "newusersonly" );
281 $li = wfMsg( "login" );
282 $ca = wfMsg( "createaccount" );
283 $cam = wfMsg( "createaccountmail" );
284 $ye = wfMsg( "youremail" );
285 $efl = wfMsg( "emailforlost" );
286 $mmp = wfMsg( "mailmypassword" );
287 $endText = wfMsg( "loginend" );
# NOTE(review): this is an assignment, not a comparison. The condition is
# always true and $endText is overwritten with "<loginend>"; presumably
# "==" was intended, to detect an undefined "loginend" message.
289 if ( $endText = "<loginend>" ) {
# The name field is pre-filled from the request; later assignments take the
# logged-in user's name or the "{$wgDBname}UserName" cookie. The conditions
# joining these assignments are partly omitted from this listing.
293 $name = $_REQUEST['wpName'];
295 if ( 0 != $wgUser->getID() ) {
296 $name = $wgUser->getName();
298 $name = $HTTP_COOKIE_VARS["{$wgDBname}UserName"];
# The submitted password is kept so it can be written back into the form
# (see $encPassword below).
301 $pwd = $_REQUEST['wpPassword'];
303 $wgOut->setPageTitle( wfMsg( "userlogin" ) );
304 $wgOut->setRobotpolicy( "noindex,nofollow" );
305 $wgOut->setArticleRelated( false );
308 $lp = wfMsg( "loginprompt" );
309 $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
# $err is written into the page without escaping. Several callers build it
# from wfMsg() with a user name or a raw request value as parameter; confirm
# those values are escaped before they reach this point.
311 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
312 color='red'>$err</font>\n" );
314 if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
315 $checked = " checked";
# The form action keeps the returnto target, URL-encoded, in its query.
319 $q = "action=submit";
320 if ( "" != $_REQUEST['returnto'] ) { $q .= "&returnto=" . wfUrlencode($_REQUEST['returnto']); }
321 $titleObj = Title
::makeTitle( NS_SPECIAL
, "Userlogin" );
322 $action = $titleObj->getURL( $q, true );
# Request values are HTML-escaped before being placed in value="..."
# attributes.
# NOTE(review): $encPassword sends the submitted password back to the
# browser in the page source after a failed attempt; leaving the password
# fields empty on re-display avoids that exposure.
324 $encName = wfEscapeHTML( $name );
325 $encPassword = wfEscapeHTML( $pwd );
326 $encRetype = wfEscapeHTML( $_REQUEST['wpRetype'] );
327 $encEmail = wfEscapeHTML( $_REQUEST['wpEmail'] );
# The "create account and mail password" button is built only for a
# logged-in user (non-zero id).
329 if ($wgUser->getID() != 0) {
330 $cambutton = "<input tabindex=6 type=submit name=\"wpCreateaccountMail\" value=\"{$cam}\">";
334 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
336 <td align=right>$yn:</td>
338 <input tabindex=1 type=text name=\"wpName\" value=\"{$encName}\" size=20>
341 <input tabindex=3 type=submit name=\"wpLoginattempt\" value=\"{$li}\">
345 <td align=right>$yp:</td>
347 <input tabindex=2 type=password name=\"wpPassword\" value=\"{$encPassword}\" size=20>
350 <input tabindex=7 type=checkbox name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked><label for=\"wpRemember\">$rmp</label>
354 if ($wgUser->isAllowedToCreateAccount()) {
# These two lines overwrite the values escaped with wfEscapeHTML() above.
# NOTE(review): $encEmail is read from 'wpCreateAccount', not 'wpEmail', so
# the e-mail field is not re-filled with the submitted address; presumably a
# wrong key.
355 $encRetype = htmlspecialchars( $_REQUEST['wpRetype'] );
356 $encEmail = htmlspecialchars( $_REQUEST['wpCreateAccount'] );
357 $wgOut->addHTML("<tr><td colspan=3> </td></tr><tr>
358 <td align=right>$ypa:</td>
360 <input tabindex=4 type=password name=\"wpRetype\" value=\"{$encRetype}\"
362 </td><td>$nuo</td></tr>
364 <td align=right>$ye:</td>
366 <input tabindex=5 type=text name=\"wpEmail\" value=\"{$encEmail}\" size=20>
368 <input tabindex=6 type=submit name=\"wpCreateaccount\" value=\"{$ca}\">
374 <tr><td colspan=3> </td></tr><tr>
375 <td colspan=3 align=left>
377 <input tabindex=8 type=submit name=\"wpMailmypassword\" value=\"{$mmp}\">
380 $wgOut->addHTML( $endText );
# Reports whether the request carried a non-empty cookie named after the
# current session name, or true unconditionally when $wgDisableCookieCheck
# is set. This only shows that the browser returned a cookie; it does not
# validate the session behind it.
383 /* private */ function hasSessionCookie()
385 global $wgDisableCookieCheck;
# The cookie is read without isset(), so a missing cookie compares as "".
386 return ( $wgDisableCookieCheck ) ?
true : ( "" != $_COOKIE[session_name()] );
# Redirects to the Userlogin special page with wpCookieCheck=$type, so that
# the follow-up request can show whether the browser returns the session
# cookie.
389 /* private */ function cookieRedirectCheck( $type )
391 global $wgOut, $wgLang;
393 $titleObj = Title
::makeTitle( NS_SPECIAL
, "Userlogin" );
# $type goes into the query string without URL-encoding; the callers in this
# file pass only the literals "new" and "login".
394 $check = $titleObj->getURL( "wpCookieCheck=$type" );
396 return $wgOut->redirect( $check );
# Second half of the cookie check: when no session cookie came back, shows
# the login form with a message chosen by $type ("new" or "login", anything
# else gives "error"); otherwise shows the login-success page.
# $type is the client-supplied wpCookieCheck request value, used here only
# in string comparisons.
# NOTE(review): $wgUser is used below but its global declaration is not in
# the visible lines.
399 /* private */ function onCookieRedirectCheck( $type ) {
402 if ( !hasSessionCookie() ) {
403 if ( $type == "new" ) {
404 return mainLoginForm( wfMsg( "nocookiesnew" ) );
405 } else if ( $type == "login" ) {
406 return mainLoginForm( wfMsg( "nocookieslogin" ) );
409 return mainLoginForm( wfMsg( "error" ) );
# NOTE(review): this runs for any request that carries a session cookie and
# a wpCookieCheck value, without checking that a login just happened;
# confirm the success message cannot mislead an anonymous visitor.
412 return successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );