3 * Implements Special:ChangeEmail
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
21 * @ingroup SpecialPage
25 * Let users change their email address.
27 * @ingroup SpecialPage
29 class SpecialChangeEmail
extends FormSpecialPage
{
35 public function __construct() {
36 parent
::__construct( 'ChangeEmail', 'editmyprivateinfo' );
45 return $wgAuth->allowPropChange( 'emailaddress' );
49 * Main execution point
52 function execute( $par ) {
53 $out = $this->getOutput();
54 $out->disallowUserJs();
55 $out->addModules( 'mediawiki.special.changeemail' );
57 return parent
::execute( $par );
60 protected function checkExecutePermissions( User
$user ) {
63 if ( !$wgAuth->allowPropChange( 'emailaddress' ) ) {
64 throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
67 $this->requireLogin( 'changeemail-no-info' );
69 // This could also let someone check the current email address, so
70 // require both permissions.
71 if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
72 throw new PermissionsError( 'viewmyprivateinfo' );
75 parent
::checkExecutePermissions( $user );
78 protected function getFormFields() {
79 $user = $this->getUser();
84 'label-message' => 'username',
85 'default' => $user->getName(),
89 'label-message' => 'changeemail-oldemail',
90 'default' => $user->getEmail() ?
: $this->msg( 'changeemail-none' )->text(),
94 'label-message' => 'changeemail-newemail',
98 if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' ) ) {
99 $fields['Password'] = array(
100 'type' => 'password',
101 'label-message' => 'changeemail-password',
109 protected function alterForm( HTMLForm
$form ) {
110 $form->setId( 'mw-changeemail-form' );
111 $form->setTableId( 'mw-changeemail-table' );
112 $form->setWrapperLegendMsg( 'changeemail-header' );
113 $form->setSubmitTextMsg( 'changeemail-submit' );
114 $form->addButton( 'wpCancel', $this->msg( 'changeemail-cancel' )->text() );
115 $form->addHiddenField( 'returnto', $this->getRequest()->getVal( 'returnto' ) );
118 public function onSubmit( array $data ) {
119 if ( $this->getRequest()->getBool( 'wpCancel' ) ) {
120 $status = Status
::newGood( true );
122 $password = isset( $data['Password'] ) ?
$data['Password'] : null;
123 $status = $this->attemptChange( $this->getUser(), $password, $data['NewEmail'] );
126 $this->status
= $status;
131 public function onSuccess() {
132 $titleObj = Title
::newFromText( $this->getRequest()->getVal( 'returnto' ) );
133 if ( !$titleObj instanceof Title
) {
134 $titleObj = Title
::newMainPage();
137 if ( $this->status
->value
=== true ) {
138 $this->getOutput()->redirect( $titleObj->getFullURL() );
139 } elseif ( $this->status
->value
=== 'eauth' ) {
140 # Notify user that a confirmation email has been sent...
141 $this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>",
142 'eauthentsent', $this->getUser()->getName() );
143 $this->getOutput()->addReturnTo( $titleObj ); // just show the link to go back
149 * @param string $pass
150 * @param string $newaddr
153 protected function attemptChange( User
$user, $pass, $newaddr ) {
156 if ( $newaddr != '' && !Sanitizer
::validateEmail( $newaddr ) ) {
157 return Status
::newFatal( 'invalidemailaddress' );
160 $throttleCount = LoginForm
::incLoginThrottle( $user->getName() );
161 if ( $throttleCount === true ) {
162 $lang = $this->getLanguage();
163 $throttleInfo = $this->getConfig()->get( 'PasswordAttemptThrottle' );
164 return Status
::newFatal(
165 'changeemail-throttled',
166 $lang->formatDuration( $throttleInfo['seconds'] )
170 if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' )
171 && !$user->checkTemporaryPassword( $pass )
172 && !$user->checkPassword( $pass )
174 return Status
::newFatal( 'wrongpassword' );
177 if ( $throttleCount ) {
178 LoginForm
::clearLoginThrottle( $user->getName() );
181 $oldaddr = $user->getEmail();
182 $status = $user->setEmailWithConfirmation( $newaddr );
183 if ( !$status->isGood() ) {
187 wfRunHooks( 'PrefsEmailAudit', array( $user, $oldaddr, $newaddr ) );
189 $user->saveSettings();
191 $wgAuth->updateExternalDB( $user );
196 public function requiresUnblock() {
200 protected function getGroupName() {