5 * @subpackage SpecialPage
# Entry point for the Userlogin special page: builds a LoginForm from the current request.
# This listing omits several original lines of the function, so the body of the
# session branch and whatever is done with $form afterwards are not shown.
11 function wfSpecialUserlogin() {
12 global $wgCommandLineMode;
# Taken only for web requests that arrive without a session cookie. The branch body is
# not visible here (presumably it starts the session; TODO confirm against the full file).
14 if( !$wgCommandLineMode && !isset( $_COOKIE[session_name()] ) ) {
18 $form = new LoginForm( $wgRequest );
25 * @subpackage SpecialPage
# Result code of authenticateUserData(): returned when the external authentication
# plugin rejects the password of a user that would otherwise be auto-created.
# The other result codes used by that method are declared on lines this listing omits.
33 const WRONG_PLUGIN_PASS
= 3;
# Form state filled in by the constructor from the web request. All of it is
# client-supplied, including the plain-text password fields, and must be treated
# as untrusted by every method that reads it.
38 var $mName, $mPassword, $mRetype, $mReturnTo, $mCookieCheck, $mPosted;
39 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
40 var $mLoginattempt, $mRemember, $mEmail, $mDomain, $mLanguage;
44 * @param webrequest $request A webrequest object passed by reference
# Constructor: copies the submitted form fields from the request into member variables
# and selects the authentication domain. Every value read here is client-controlled;
# the methods that use it later are responsible for validating or escaping it.
46 function LoginForm( &$request ) {
47 global $wgLang, $wgAllowRealName, $wgEnableEmail;
50 $this->mType
= $request->getText( 'type' );
51 $this->mName
= $request->getText( 'wpName' );
# The plain-text password and its confirmation stay on the object for the whole request.
52 $this->mPassword
= $request->getText( 'wpPassword' );
53 $this->mRetype
= $request->getText( 'wpRetype' );
54 $this->mDomain
= $request->getText( 'wpDomain' );
# 'returnto' is taken as-is from the request. It is later placed into links and passed
# to returnToMain(), so it has to be handled as untrusted at each of those uses.
55 $this->mReturnTo
= $request->getVal( 'returnto' );
56 $this->mCookieCheck
= $request->getVal( 'wpCookieCheck' );
57 $this->mPosted
= $request->wasPosted();
58 $this->mCreateaccount
= $request->getCheck( 'wpCreateaccount' );
# The next two statements continue on lines this listing omits (no terminating ';' is
# visible), so their full conditions cannot be read from here.
59 $this->mCreateaccountMail
= $request->getCheck( 'wpCreateaccountMail' )
61 $this->mMailmypassword
= $request->getCheck( 'wpMailmypassword' )
63 $this->mLoginattempt
= $request->getCheck( 'wpLoginattempt' );
64 $this->mAction
= $request->getVal( 'action' );
65 $this->mRemember
= $request->getCheck( 'wpRemember' );
66 $this->mLanguage
= $request->getText( 'uselang' );
# The e-mail address is read only when e-mail features are enabled.
68 if( $wgEnableEmail ) {
69 $this->mEmail
= $request->getText( 'wpEmail' );
# The real name is accepted only when the site allows it; the other assignment sets ''.
73 if( $wgAllowRealName ) {
74 $this->mRealName
= $request->getText( 'wpRealName' );
76 $this->mRealName
= '';
# A domain the auth plugin does not recognise is replaced by the literal
# 'invaliddomain' before the plugin is told which domain to use.
79 if( !$wgAuth->validDomain( $this->mDomain
) ) {
80 $this->mDomain
= 'invaliddomain';
82 $wgAuth->setDomain( $this->mDomain
);
84 # When switching accounts, it sucks to get automatically logged out
85 if( $this->mReturnTo
== $wgLang->specialPage( 'Userlogout' ) ) {
86 $this->mReturnTo
= '';
# Request dispatcher; the signature of the enclosing method is not part of this listing.
# A cookie-check round trip is handled first. Otherwise only POSTed requests reach the
# account-creation, password-mail and login handlers; anything else shows the empty form.
# NOTE(review): requiring POST is the only request-origin check visible here, and the
# constructor reads no per-session token field. If the full file has none either, a
# third-party page could submit this form on a visitor's behalf (login CSRF) - confirm.
91 if ( !is_null( $this->mCookieCheck
) ) {
92 $this->onCookieRedirectCheck( $this->mCookieCheck
);
94 } else if( $this->mPosted
) {
95 if( $this->mCreateaccount
) {
96 return $this->addNewAccount();
97 } else if ( $this->mCreateaccountMail
) {
98 return $this->addNewAccountMailPassword();
99 } else if ( $this->mMailmypassword
) {
100 return $this->mailPassword();
# A login is attempted when either action=submitlogin or the wpLoginattempt field is set.
101 } else if ( ( 'submitlogin' == $this->mAction
) ||
$this->mLoginattempt
) {
102 return $this->processLogin();
# Fallback: show the login form with no message.
105 $this->mainLoginForm( '' );
# Creates a new account and e-mails it a generated password through
# mailPasswordInternal(). Some original lines are absent from this listing, including
# whatever follows a failed check (presumably an early return; TODO confirm).
111 function addNewAccountMailPassword() {
# An e-mail address is mandatory on this path. The user name is HTML-escaped before it
# is placed into the error message.
114 if ('' == $this->mEmail
) {
115 $this->mainLoginForm( wfMsg( 'noemail', htmlspecialchars( $this->mName
) ) );
119 $u = $this->addNewaccountInternal();
# $throttle is passed as false; mailPasswordInternal() forwards it to setNewpassword().
126 $result = $this->mailPasswordInternal( $u, false );
128 wfRunHooks( 'AddNewAccount', array( $u ) );
130 $wgOut->setPageTitle( wfMsg( 'accmailtitle' ) );
131 $wgOut->setRobotpolicy( 'noindex,nofollow' );
132 $wgOut->setArticleRelated( false );
# A mail failure is reported on the login form; otherwise the confirmation text names
# the account and the address the password was sent to.
134 if( WikiError
::isError( $result ) ) {
135 $this->mainLoginForm( wfMsg( 'mailerror', $result->getMessage() ) );
137 $wgOut->addWikiText( wfMsg( 'accmailtext', $u->getName(), $u->getEmail() ) );
138 $wgOut->returnToMain( false );
# Handles the "create account" form submission: creates the account, stores the chosen
# language, optionally sends an e-mail confirmation, and either logs the visitor in as
# the new user or shows a confirmation page. Some original lines (for example the check
# of addNewAccountInternal()'s result) are absent from this listing.
147 function addNewAccount() {
148 global $wgUser, $wgEmailAuthentication;
150 # Create the account and abort if there's a problem doing so
151 $u = $this->addNewAccountInternal();
155 # If we showed up language selection links, and one was in use, be
156 # smart (and sensible) and save that language as the user's preference
# NOTE(review): mLanguage is the raw 'uselang' request value; no validation against the
# set of known language codes is visible before it is stored as a user option - confirm.
157 global $wgLoginLanguageSelector;
158 if( $wgLoginLanguageSelector && $this->mLanguage
)
159 $u->setOption( 'language', $this->mLanguage
);
161 # Save user settings and send out an email authentication message if needed
163 if( $wgEmailAuthentication && User
::isValidEmailAddr( $u->getEmail() ) )
164 $u->sendConfirmationMail();
166 # If not logged in, assume the new account as the current one and set session cookies
167 # then show a "welcome" message or a "need cookies" message as needed
168 if( $wgUser->isAnon() ) {
170 $wgUser->setCookies();
171 wfRunHooks( 'AddNewAccount', array( $wgUser ) );
# Without a session cookie the browser is sent through the cookie-check redirect.
172 if( $this->hasSessionCookie() ) {
173 return $this->successfulLogin( wfMsg( 'welcomecreation', $wgUser->getName() ), false );
175 return $this->cookieRedirectCheck( 'new' );
178 # Confirm that the account was created
# Reached when the creator was already logged in: the current session is left as it is
# and only a confirmation for the new account name is shown.
180 $skin = $wgUser->getSkin();
181 $self = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
182 $wgOut->setPageTitle( wfMsgHtml( 'accountcreated' ) );
183 $wgOut->setArticleRelated( false );
184 $wgOut->setRobotPolicy( 'noindex,nofollow' );
185 $wgOut->addHtml( wfMsgWikiHtml( 'accountcreatedtext', $u->getName() ) );
186 $wgOut->returnToMain( $self->getPrefixedText() );
187 wfRunHooks( 'AddNewAccount', array( $u ) );
# Runs every precondition for account creation and, if all pass, creates the account
# through the auth plugin and hands the User object to initUser(). Each failed check
# re-displays the login form with a message; the statement that follows each failure
# (presumably an early return) is not part of this listing.
195 function addNewAccountInternal() {
196 global $wgUser, $wgOut;
197 global $wgEnableSorbs, $wgProxyWhitelist;
198 global $wgMemc, $wgAccountCreationThrottle;
199 global $wgAuth, $wgMinimalPasswordLength;
201 // If the user passes an invalid domain, something is fishy
# The generic 'wrongpassword' message is used, so the response does not say that the
# domain was the problem.
202 if( !$wgAuth->validDomain( $this->mDomain
) ) {
203 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
207 // If we are not allowing users to login locally, we should
208 // be checking to see if the user is actually able to
209 // authenticate to the authentication server before they
210 // create an account (otherwise, they can create a local account
211 // and login as any domain user). We only need to check this for
212 // domains that aren't local.
213 if( 'local' != $this->mDomain
&& '' != $this->mDomain
) {
214 if( !$wgAuth->canCreateAccounts() && ( !$wgAuth->userExists( $this->mName
) ||
!$wgAuth->authenticate( $this->mName
, $this->mPassword
) ) ) {
215 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
220 if ( wfReadOnly() ) {
221 $wgOut->readOnlyPage();
225 if (!$wgUser->isAllowedToCreateAccount()) {
226 $this->userNotPrivilegedMessage();
# $ip is assigned on a line this listing omits.
# NOTE(review): the proxy blacklist check here and the creation throttle below both key
# on $ip; confirm it is the connection address and not a client-supplied header value.
231 if ( $wgEnableSorbs && !in_array( $ip, $wgProxyWhitelist ) &&
232 $wgUser->inSorbsBlacklist( $ip ) )
234 $this->mainLoginForm( wfMsg( 'sorbs_create_account_reason' ) . ' (' . htmlspecialchars( $ip ) . ')' );
# The name is validated with the 'creatable' rule set; null means it was rejected.
238 $name = trim( $this->mName
);
239 $u = User
::newFromName( $name, 'creatable' );
240 if ( is_null( $u ) ) {
241 $this->mainLoginForm( wfMsg( 'noname' ) );
# A non-zero id means the name is already taken.
245 if ( 0 != $u->idForName() ) {
246 $this->mainLoginForm( wfMsg( 'userexists' ) );
250 if ( 0 != strcmp( $this->mPassword
, $this->mRetype
) ) {
251 $this->mainLoginForm( wfMsg( 'badretype' ) );
# NOTE(review): the password policy check is called on $wgUser (the requesting session's
# user), not on the new account $u - confirm isValidPassword() has no per-user state.
255 if ( !$wgUser->isValidPassword( $this->mPassword
) ) {
256 $this->mainLoginForm( wfMsg( 'passwordtooshort', $wgMinimalPasswordLength ) );
261 if( !wfRunHooks( 'AbortNewAccount', array( $u, &$abortError ) ) ) {
262 // Hook point to add extra creation throttles and blocks
263 wfDebug( "LoginForm::addNewAccountInternal: a hook blocked creation\n" );
264 $this->mainLoginForm( $abortError );
# Per-IP creation counter kept in the shared cache with a lifetime of 86400 seconds.
# The set() call presumably initialises the key when incr() found none (the condition is
# on an omitted line). The counter is bumped before addUser() runs, so attempts that
# fail afterwards still count toward the limit.
268 if ( $wgAccountCreationThrottle ) {
269 $key = wfMemcKey( 'acctcreate', 'ip', $ip );
270 $value = $wgMemc->incr( $key );
272 $wgMemc->set( $key, 1, 86400 );
274 if ( $value > $wgAccountCreationThrottle ) {
275 $this->throttleHit( $wgAccountCreationThrottle );
# The auth plugin gets the chance to create the user in the external store first.
280 if( !$wgAuth->addUser( $u, $this->mPassword
) ) {
281 $this->mainLoginForm( wfMsg( 'externaldberror' ) );
286 $ssUpdate = new SiteStatsUpdate( 0, 0, 0, 0, 1 );
287 $ssUpdate->doUpdate();
289 return $this->initUser( $u );
293 * Actually add a user to the database.
294 * Give it a User object that has been initialised with a name.
296 * @param $u User object.
297 * @return User object.
# Fills a new User object with the submitted password, e-mail address and real name,
# lets the auth plugin initialise it, and records the "remember password" choice.
# Several original lines between these statements are absent from this listing, so the
# point at which the record is written to the database is not visible here.
300 function &initUser( &$u ) {
# The values come straight from the request-derived members set in the constructor.
302 $u->setPassword( $this->mPassword
);
303 $u->setEmail( $this->mEmail
);
304 $u->setRealName( $this->mRealName
);
308 $wgAuth->initUser( $u );
# The checkbox state is stored as 1 or 0.
310 $u->setOption( 'rememberpassword', $this->mRemember ?
1 : 0 );
# Checks the submitted name and password and returns one of the class's result codes
# (NO_NAME, ILLEGAL, WRONG_PLUGIN_PASS, NOT_EXISTS, EMPTY_PASS, WRONG_PASS, SUCCESS).
# NOTE(review): NOT_EXISTS and WRONG_PASS are distinct results, and processLogin() maps
# them to different messages, which tells a client whether an account name exists.
# Some original lines (for example between updateUser() and the final return) are
# absent from this listing.
319 function authenticateUserData()
321 global $wgUser, $wgAuth;
# An empty or unusable name is rejected before any password is checked.
322 if ( '' == $this->mName
) {
323 return self
::NO_NAME
;
325 $u = User
::newFromName( $this->mName
);
326 if( is_null( $u ) ||
!User
::isUsableName( $u->getName() ) ) {
327 return self
::ILLEGAL
;
# ID 0: there is no local account with this name.
329 if ( 0 == $u->getID() ) {
332 * If the external authentication plugin allows it,
333 * automatically create a new account for users that
334 * are externally defined but have not yet logged in.
# The local account is created only after the plugin has accepted the password.
336 if ( $wgAuth->autoCreate() && $wgAuth->userExists( $u->getName() ) ) {
337 if ( $wgAuth->authenticate( $u->getName(), $this->mPassword
) ) {
338 $u =& $this->initUser( $u );
340 return self
::WRONG_PLUGIN_PASS
;
343 return self
::NOT_EXISTS
;
# Password check for an existing account. An empty submitted password gets its own
# result code so the caller can show a different message.
349 if (!$u->checkPassword( $this->mPassword
)) {
350 return '' == $this->mPassword ? self
::EMPTY_PASS
: self
::WRONG_PASS
;
354 $wgAuth->updateUser( $u );
357 return self
::SUCCESS
;
# Handles a login submission: runs authenticateUserData() and either completes the
# login or re-displays the form with a message chosen by the result code. Several case
# labels and break statements are absent from this listing.
# NOTE(review): no counter or delay for failed attempts is visible in this function;
# confirm that password guessing is rate-limited elsewhere.
361 function processLogin() {
362 global $wgUser, $wgAuth;
364 switch ($this->authenticateUserData())
367 # We've verified now, update the real record
368 if( (bool)$this->mRemember
!= (bool)$wgUser->getOption( 'rememberpassword' ) ) {
369 $wgUser->setOption( 'rememberpassword', $this->mRemember ?
1 : 0 );
370 $wgUser->saveSettings();
372 $wgUser->invalidateCache();
# NOTE(review): no renewal of the session identifier is visible at this point; confirm
# that setCookies() or the session layer issues a fresh one on login.
374 $wgUser->setCookies();
376 if( $this->hasSessionCookie() ) {
377 return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
379 return $this->cookieRedirectCheck( 'login' );
385 $this->mainLoginForm( wfMsg( 'noname' ) );
387 case self
::WRONG_PLUGIN_PASS
:
388 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
# NOTE(review): 'nosuchuser' here versus 'wrongpassword' below gives a different answer
# for unknown and known account names; one generic failure message would avoid
# disclosing which names are registered.
390 case self
::NOT_EXISTS
:
391 $this->mainLoginForm( wfMsg( 'nosuchuser', htmlspecialchars( $this->mName
) ) );
393 case self
::WRONG_PASS
:
394 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
396 case self
::EMPTY_PASS
:
397 $this->mainLoginForm( wfMsg( 'wrongpasswordempty' ) );
# Any result code without a case of its own stops with a backtrace.
400 wfDebugDieBacktrace( "Unhandled case value" );
# Handles the "e-mail me a new password" request for the account named in the form.
# The requester needs no proof of identity beyond the account name, so the block check,
# the rate limiter and the per-account reminder throttle below are the controls that
# limit abuse. The statement after each failed check is not part of this listing.
407 function mailPassword() {
408 global $wgUser, $wgOut;
410 # Check against blocked IPs
411 # fixme -- should we not?
412 if( $wgUser->isBlocked() ) {
413 $this->mainLoginForm( wfMsg( 'blocked-mailpassword' ) );
417 # Check against the rate limiter
418 if( $wgUser->pingLimiter( 'mailpassword' ) ) {
419 $wgOut->rateLimited();
423 if ( '' == $this->mName
) {
424 $this->mainLoginForm( wfMsg( 'noname' ) );
427 $u = User
::newFromName( $this->mName
);
428 if( is_null( $u ) ) {
429 $this->mainLoginForm( wfMsg( 'noname' ) );
# NOTE(review): 'nosuchuser' versus the later 'passwordsent' tells the requester whether
# the account name is registered. Unlike processLogin(), the name is not passed through
# htmlspecialchars() here; confirm the normalised name from newFromName() cannot carry
# markup, or that the template escapes the message.
432 if ( 0 == $u->getID() ) {
433 $this->mainLoginForm( wfMsg( 'nosuchuser', $u->getName() ) );
437 # Check against password throttle
438 if ( $u->isPasswordReminderThrottled() ) {
439 global $wgPasswordReminderResendTime;
440 # Round the time in hours to 3 d.p., in case someone is specifying minutes or seconds.
441 $this->mainLoginForm( wfMsg( 'throttled-mailpassword',
442 round( $wgPasswordReminderResendTime, 3 ) ) );
# $throttle is passed as true for requester-initiated reminders.
446 $result = $this->mailPasswordInternal( $u, true );
447 if( WikiError
::isError( $result ) ) {
448 $this->mainLoginForm( wfMsg( 'mailerror', $result->getMessage() ) );
450 $this->mainLoginForm( wfMsg( 'passwordsent', $u->getName() ), 'success' );
456 * @return mixed true on success, WikiError on failure
# Generates a new password for $u, stores it through setNewpassword() and mails it to
# the account's address. Returns a WikiError when the account has no e-mail address;
# the final return statement is not part of this listing.
# NOTE(review): the generated password travels in the mail body as plain text, so its
# secrecy depends on the mail path and on the strength of randomPassword(), which is
# not visible here.
459 function mailPasswordInternal( $u, $throttle = true ) {
460 global $wgCookiePath, $wgCookieDomain, $wgCookiePrefix, $wgCookieSecure;
461 global $wgServer, $wgScript;
463 if ( '' == $u->getEmail() ) {
464 return new WikiError( wfMsg( 'noemail', $u->getName() ) );
467 $np = $u->randomPassword();
468 $u->setNewpassword( $np, $throttle );
# Expires the browser's Token cookie by setting it empty with a time in the past.
470 setcookie( "{$wgCookiePrefix}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
# $ip is assigned on an omitted line; it is included in the mail text.
475 if ( '' == $ip ) { $ip = '(Unknown)'; }
477 $m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np, $wgServer . $wgScript );
479 $result = $u->sendMail( wfMsg( 'passwordremindertitle' ), $m );
485 * @param string $msg Message that will be shown on success
486 * @param bool $auto Toggle auto-redirect to main page; default true
# Shows the post-login page: runs the UserLoginComplete hook, prints $msg as wikitext
# and adds a "return to" link. Some original lines are absent from this listing.
489 function successfulLogin( $msg, $auto = true ) {
493 # Run any hooks; ignore results
495 wfRunHooks('UserLoginComplete', array(&$wgUser));
497 $wgOut->setPageTitle( wfMsg( 'loginsuccesstitle' ) );
498 $wgOut->setRobotpolicy( 'noindex,nofollow' );
499 $wgOut->setArticleRelated( false );
# $msg is parsed as wikitext; callers in this listing build it with the user name as
# a message parameter.
500 $wgOut->addWikiText( $msg );
# NOTE(review): mReturnTo is the raw 'returnto' request value and, with $auto true, the
# target of an automatic redirect. Confirm returnToMain() resolves it as a local page
# title only, so it cannot send the browser to an external site.
501 if ( !empty( $this->mReturnTo
) ) {
502 $wgOut->returnToMain( $auto, $this->mReturnTo
);
504 $wgOut->returnToMain( $auto );
# Shows the page telling the visitor that they may not create accounts
# ('whitelistacctitle' / 'whitelistacctext'), with no automatic return redirect.
509 function userNotPrivilegedMessage() {
512 $wgOut->setPageTitle( wfMsg( 'whitelistacctitle' ) );
513 $wgOut->setRobotpolicy( 'noindex,nofollow' );
514 $wgOut->setArticleRelated( false );
516 $wgOut->addWikiText( wfMsg( 'whitelistacctext' ) );
518 $wgOut->returnToMain( false );
# Shows the page telling a blocked visitor that account creation is not available.
# $ip is assigned on a line this listing omits and is passed into the wikitext message.
522 function userBlockedMessage() {
525 # Let's be nice about this, it's likely that this feature will be used
526 # for blocking large numbers of innocent people, e.g. range blocks on
527 # schools. Don't blame it on the user. There's a small chance that it
528 # really is the user's fault, i.e. the username is blocked and they
529 # haven't bothered to log out before trying to create an account to
530 # evade it, but we'll leave that to their guilty conscience to figure
533 $wgOut->setPageTitle( wfMsg( 'cantcreateaccounttitle' ) );
534 $wgOut->setRobotpolicy( 'noindex,nofollow' );
535 $wgOut->setArticleRelated( false );
538 $wgOut->addWikiText( wfMsg( 'cantcreateaccounttext', $ip ) );
539 $wgOut->returnToMain( false );
# Renders the login or signup form. $msg is shown above the form and $msgtype selects
# its presentation ('error' by default; mailPassword() passes 'success').
# Some original lines are absent from this listing, including the else branches and the
# place where $returnto is used.
545 function mainLoginForm( $msg, $msgtype = 'error' ) {
546 global $wgUser, $wgOut, $wgAllowRealName, $wgEnableEmail;
547 global $wgCookiePrefix, $wgAuth, $wgLoginLanguageSelector;
# The signup form is refused to visitors without the 'createaccount' right and to
# visitors blocked from creating accounts.
549 if ( $this->mType
== 'signup' ) {
550 if ( !$wgUser->isAllowed( 'createaccount' ) ) {
551 $this->userNotPrivilegedMessage();
553 } elseif ( $wgUser->isBlockedFromCreateAccount() ) {
554 $this->userBlockedMessage();
# Prefill the name from the logged-in user or from the UserName cookie. The cookie is
# client-controlled, so the prefilled value is as untrusted as a form field; '@' hides
# the notice raised when the cookie is absent.
559 if ( '' == $this->mName
) {
560 if ( $wgUser->isLoggedIn() ) {
561 $this->mName
= $wgUser->getName();
563 $this->mName
= @$_COOKIE[$wgCookiePrefix.'UserName'];
567 $titleObj = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
569 if ( $this->mType
== 'signup' ) {
570 $template = new UsercreateTemplate();
571 $q = 'action=submitlogin&type=signup';
572 $linkq = 'type=login';
573 $linkmsg = 'gotaccount';
575 $template = new UserloginTemplate();
576 $q = 'action=submitlogin&type=login';
577 $linkq = 'type=signup';
578 $linkmsg = 'nologin';
# returnto is URL-encoded before it is appended to a query string.
581 if ( !empty( $this->mReturnTo
) ) {
582 $returnto = '&returnto=' . wfUrlencode( $this->mReturnTo
);
587 # Pass any language selection on to the mode switch link
# NOTE(review): uselang is appended without URL-encoding, unlike returnto above.
# htmlspecialchars() on the finished URL covers the HTML attribute context but not '&'
# or '=' inside the value, so a crafted uselang can add or override query parameters in
# this link; wfUrlencode() would match the returnto handling.
588 if( $wgLoginLanguageSelector && $this->mLanguage
)
589 $linkq .= '&uselang=' . $this->mLanguage
;
591 $link = '<a href="' . htmlspecialchars ( $titleObj->getLocalUrl( $linkq ) ) . '">';
592 $link .= wfMsgHtml( $linkmsg . 'link' );
595 # Don't show a "create account" link if the user can't
596 if( $this->showCreateOrLoginLink( $wgUser ) )
597 $template->set( 'link', wfMsgHtml( $linkmsg, $link ) );
599 $template->set( 'link', '' );
# NOTE(review): the submitted password and its confirmation are handed back to the
# template. If the template renders them into the form, the plain-text password is
# echoed in the HTML response whenever the form is redisplayed - confirm what the
# template does with 'password' and 'retype'.
601 $template->set( 'header', '' );
602 $template->set( 'name', $this->mName
);
603 $template->set( 'password', $this->mPassword
);
604 $template->set( 'retype', $this->mRetype
);
605 $template->set( 'email', $this->mEmail
);
606 $template->set( 'realname', $this->mRealName
);
607 $template->set( 'domain', $this->mDomain
);
# $msg is assembled by the callers, some of which HTML-escape the user name and some of
# which do not; how the template outputs 'message' is not visible here.
609 $template->set( 'action', $titleObj->getLocalUrl( $q ) );
610 $template->set( 'message', $msg );
611 $template->set( 'messagetype', $msgtype );
612 $template->set( 'createemail', $wgEnableEmail && $wgUser->isLoggedIn() );
613 $template->set( 'userealname', $wgAllowRealName );
614 $template->set( 'useemail', $wgEnableEmail );
615 $template->set( 'remember', $wgUser->getOption( 'rememberpassword' ) or $this->mRemember
);
617 # Prepare language selection links as needed
618 if( $wgLoginLanguageSelector ) {
619 $template->set( 'languages', $this->makeLanguageSelector() );
620 if( $this->mLanguage
)
621 $template->set( 'uselang', $this->mLanguage
);
624 // Give authentication and captcha plugins a chance to modify the form
625 $wgAuth->modifyUITemplate( $template );
626 if ( $this->mType
== 'signup' ) {
627 wfRunHooks( 'UserCreateForm', array( &$template ) );
629 wfRunHooks( 'UserLoginForm', array( &$template ) );
# The page is marked noindex,nofollow and not article-related.
632 $wgOut->setPageTitle( wfMsg( 'userlogin' ) );
633 $wgOut->setRobotpolicy( 'noindex,nofollow' );
634 $wgOut->setArticleRelated( false );
635 $wgOut->addTemplate( $template );
# Decides whether mainLoginForm() shows the link that switches between the login and
# signup forms. The branches test for signup mode and for the 'createaccount' right;
# the values they return are on lines this listing omits.
641 function showCreateOrLoginLink( &$user ) {
642 if( $this->mType
== 'signup' ) {
644 } elseif( $user->isAllowed( 'createaccount' ) ) {
# Reports whether the browser sent the session cookie back; always true when
# $wgDisableCookieCheck is set. Only the cookie's presence is tested, not its value.
654 function hasSessionCookie() {
655 global $wgDisableCookieCheck;
656 return ( $wgDisableCookieCheck ) ?
true : ( isset( $_COOKIE[session_name()] ) );
# Redirects to Special:Userlogin with wpCookieCheck=<type>, so that the follow-up
# request can tell whether the browser accepted the session cookie.
# $type is concatenated into the query string unencoded; the callers visible in this
# listing pass only the literals 'new' and 'login'.
662 function cookieRedirectCheck( $type ) {
665 $titleObj = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
666 $check = $titleObj->getFullURL( 'wpCookieCheck='.$type );
668 return $wgOut->redirect( $check );
# Second half of the cookie check: $type is the wpCookieCheck request value. Without a
# session cookie it shows the matching "cookies required" message, or a generic error
# for an unrecognised type; with one it shows the login-success page.
# NOTE(review): the success branch is reached by any request that carries wpCookieCheck
# and a session cookie, whether or not a login preceded it. It runs successfulLogin()
# (and so the UserLoginComplete hook) for whatever $wgUser currently is - confirm that
# hook consumers do not treat it as proof of a fresh authentication.
674 function onCookieRedirectCheck( $type ) {
677 if ( !$this->hasSessionCookie() ) {
678 if ( $type == 'new' ) {
679 return $this->mainLoginForm( wfMsg( 'nocookiesnew' ) );
680 } else if ( $type == 'login' ) {
681 return $this->mainLoginForm( wfMsg( 'nocookieslogin' ) );
684 return $this->mainLoginForm( wfMsg( 'error' ) );
687 return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
# Shows the message for a visitor who exceeded the account-creation throttle; $limit is
# the configured maximum and is passed into the message text.
694 function throttleHit( $limit ) {
697 $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );
701 * Produce a bar of links which allow the user to select another language
702 * during login/registration but retain "returnto"
# Builds the language-selection bar from the site message 'loginlanguagelinks', which
# holds one "text|code" entry per line. The initialisation of $links and the return
# used when the message is empty are on lines this listing omits.
706 function makeLanguageSelector() {
707 $msg = wfMsgForContent( 'loginlanguagelinks' );
708 if( $msg != '' && !wfEmptyMsg( 'loginlanguagelinks', $msg ) ) {
709 $langs = explode( "\n", $msg );
# Leading list markers and spaces are stripped from each entry before it is split.
# NOTE(review): $parts[1] is read without checking that the entry contained a '|', so a
# malformed line passes an undefined value on as the language code.
711 foreach( $langs as $lang ) {
712 $lang = trim( $lang, '* ' );
713 $parts = explode( '|', $lang );
714 $links[] = $this->makeLanguageSelectorLink( $parts[0], $parts[1] );
716 return count( $links ) > 0 ?
wfMsgHtml( 'loginlanguagelabel', implode( ' | ', $links ) ) : '';
723 * Create a language selector link for a particular language
724 * Links back to this page preserving type and returnto
726 * @param $text Link text
727 * @param $lang Language code
# Builds one link of the language bar: it points back to Special:Userlogin with the
# chosen language and keeps the current form type and returnto. The link text is
# HTML-escaped before it is handed to the skin.
# NOTE(review): $lang and mReturnTo are concatenated into the query string without
# URL-encoding, whereas mainLoginForm() applies wfUrlencode() to returnto. A returnto
# value containing '&' or '=' can therefore add or override parameters in the generated
# link; encoding both values here would make the two code paths consistent.
729 function makeLanguageSelectorLink( $text, $lang ) {
731 $self = Title
::makeTitle( NS_SPECIAL
, 'Userlogin' );
732 $attr[] = 'uselang=' . $lang;
733 if( $this->mType
== 'signup' )
734 $attr[] = 'type=signup';
735 if( $this->mReturnTo
)
736 $attr[] = 'returnto=' . $this->mReturnTo
;
737 $skin =& $wgUser->getSkin();
738 return $skin->makeKnownLinkObj( $self, htmlspecialchars( $text ), implode( '&', $attr ) );