Beispiel #1
 /**
  * Executes the log-in attempt using the parameters passed. If
  * the log-in succeeds, it attaches a cookie to the session
  * and outputs the user id, username, and session token. If a
  * log-in fails, as the result of a bad password, a nonexistent
  * user, or any other reason, the host is cached with an expiry
  * and no log-in attempts will be accepted until that expiry
  * is reached. The expiry is $this->mLoginThrottle.
  *
  * @access public
  */
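 public function execute()
 {
     // Read the three expected parameters by key. extract() would turn every
     // key of the request-derived array into a local variable; named reads
     // keep this scope limited to what the method actually uses.
     $requestParams = $this->extractRequestParams();
     $name = isset($requestParams['name']) ? $requestParams['name'] : null;
     $password = isset($requestParams['password']) ? $requestParams['password'] : null;
     $domain = isset($requestParams['domain']) ? $requestParams['domain'] : null;
     $result = array();
     // Throttle gate against brute-force password guessing: while a wait
     // from an earlier failed attempt is still running, do not authenticate.
     $nextLoginIn = $this->getNextLoginTimeout();
     if ($nextLoginIn > 0) {
         $result['result'] = 'NeedToWait';
         $result['details'] = "Please wait {$nextLoginIn} seconds before next log-in attempt";
         $result['wait'] = $nextLoginIn;
         $this->getResult()->addValue(null, 'login', $result);
         return;
     }
     // Re-package the API parameters under the field names LoginForm reads.
     $fauxRequest = new FauxRequest(array('wpName' => $name, 'wpPassword' => $password, 'wpDomain' => $domain, 'wpRemember' => ''));
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     $loginForm = new LoginForm($fauxRequest);
     switch ($loginForm->authenticateUserData()) {
         case LoginForm::SUCCESS:
             global $wgUser, $wgCookiePrefix;
             $wgUser->setOption('rememberpassword', 1);
             $wgUser->setCookies();
             // The response body carries the login token and the PHP session
             // id, so it must be handled like a credential (keep it out of
             // logs and shared caches).
             // NOTE(review): no session-id regeneration is visible in this
             // method; confirm the LoginForm / cookie path rotates the id on
             // login.
             $result['result'] = 'Success';
             $result['lguserid'] = $_SESSION['wsUserID'];
             $result['lgusername'] = $_SESSION['wsUserName'];
             $result['lgtoken'] = $_SESSION['wsToken'];
             $result['cookieprefix'] = $wgCookiePrefix;
             $result['sessionid'] = session_id();
             break;
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         default:
             // Presumably aborts the request; nothing below relies on it returning.
             ApiBase::dieDebug(__METHOD__, 'Unhandled case value');
     }
     // Every non-success outcome starts the throttle. The distinct
     // 'NotExists' / 'WrongPass' codes tell the caller whether an account
     // name exists; this throttle is the only limit on that visible here.
     if ($result['result'] !== 'Success') {
         $result['wait'] = $this->cacheBadLogin();
         // NOTE(review): 'wait' comes from cacheBadLogin() while the text uses
         // THROTTLE_TIME; presumably the same value -- confirm.
         $result['details'] = "Please wait " . self::THROTTLE_TIME . " seconds before next log-in attempt";
     }
     // if we were allowed to try to login, memcache is fine
     $this->getResult()->addValue(null, 'login', $result);
 }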
Beispiel #2
 /**
  * Executes the log-in attempt using the parameters passed. If
  * the log-in succeeds, it attaches a cookie to the session
  * and outputs the user id, username, and session token. If a
  * log-in fails, as the result of a bad password, a nonexistent
  * user, or any other reason, the host is cached with an expiry
  * and no log-in attempts will be accepted until that expiry
  * is reached. The expiry is $this->mLoginThrottle.
  *
  * @access public
  */
 public function execute()
 {
     $result = array();
     $params = $this->extractRequestParams();
     // Re-package the API parameters under the field names LoginForm reads.
     $formFields = array(
         'wpName' => $params['name'],
         'wpPassword' => $params['password'],
         'wpDomain' => $params['domain'],
         'wpRemember' => '',
     );
     $req = new FauxRequest($formFields);
     // Start a PHP session when none is active yet
     if (session_id() == '') {
         wfSetupSession();
     }
     $loginForm = new LoginForm($req);
     $authRes = $loginForm->authenticateUserData();
     switch ($authRes) {
         case LoginForm::SUCCESS:
             global $wgUser, $wgCookiePrefix;
             $wgUser->setOption('rememberpassword', 1);
             $wgUser->setCookies();
             // Run hooks. FIXME: split back and frontend from this hook.
             // FIXME: This hook should be placed in the backend
             $injected_html = '';
             wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html));
             // The user token and PHP session id go out in the response body,
             // so the response is credential-bearing and should stay out of
             // logs and shared caches.
             $result = array(
                 'result' => 'Success',
                 'lguserid' => (int) $wgUser->getId(),
                 'lgusername' => $wgUser->getName(),
                 'lgtoken' => $wgUser->getToken(),
                 'cookieprefix' => $wgCookiePrefix,
                 'sessionid' => session_id(),
             );
             break;
         // The failure codes below are reported verbatim; 'NotExists' versus
         // 'WrongPass' lets a caller tell whether an account name exists.
         case LoginForm::NO_NAME:
             $result = array('result' => 'NoName');
             break;
         case LoginForm::ILLEGAL:
             $result = array('result' => 'Illegal');
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result = array('result' => 'WrongPluginPass');
             break;
         case LoginForm::NOT_EXISTS:
             $result = array('result' => 'NotExists');
             break;
         case LoginForm::WRONG_PASS:
             $result = array('result' => 'WrongPass');
             break;
         case LoginForm::EMPTY_PASS:
             $result = array('result' => 'EmptyPass');
             break;
         case LoginForm::CREATE_BLOCKED:
             $result = array(
                 'result' => 'CreateBlocked',
                 'details' => 'Your IP address is blocked from account creation',
             );
             break;
         case LoginForm::THROTTLED:
             // Throttling is decided inside LoginForm; only the configured
             // wait in seconds is reported here.
             global $wgPasswordAttemptThrottle;
             $result = array(
                 'result' => 'Throttled',
                 'wait' => (int) $wgPasswordAttemptThrottle['seconds'],
             );
             break;
         default:
             ApiBase::dieDebug(__METHOD__, 'Unhandled case value: ' . $authRes);
     }
     $this->getResult()->addValue(null, 'login', $result);
 }
Beispiel #3
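 /**
  * Runs a log-in attempt with the request's name, password and domain and
  * adds the outcome to the API result under 'login'.
  *
  * On success the user's cookies are set and the user id, user name and
  * token are read from $_SESSION into the result; every other handled
  * status is reported as a short result code.
  */
 public function execute()
 {
     // Read the three expected parameters by key. extract() would turn every
     // key of the request-derived array into a local variable; named reads
     // keep this scope limited to what the method actually uses.
     $requestParams = $this->extractRequestParams();
     $name = isset($requestParams['name']) ? $requestParams['name'] : null;
     $password = isset($requestParams['password']) ? $requestParams['password'] : null;
     $domain = isset($requestParams['domain']) ? $requestParams['domain'] : null;
     // Re-package the API parameters under the field names LoginForm reads.
     $fauxRequest = new FauxRequest(array('wpName' => $name, 'wpPassword' => $password, 'wpDomain' => $domain, 'wpRemember' => ''));
     $result = array();
     $loginForm = new LoginForm($fauxRequest);
     // NOTE(review): no throttle or wait is applied in this method; confirm
     // failed attempts are rate-limited somewhere on this path.
     switch ($loginForm->authenticateUserData()) {
         case LoginForm::SUCCESS:
             global $wgUser;
             $wgUser->setOption('rememberpassword', 1);
             $wgUser->setCookies();
             // The login token goes out in the response body, so the
             // response must be handled like a credential.
             // NOTE(review): $_SESSION is read without any session start in
             // this method; presumably a session is already active -- confirm.
             $result['result'] = 'Success';
             $result['lguserid'] = $_SESSION['wsUserID'];
             $result['lgusername'] = $_SESSION['wsUserName'];
             $result['lgtoken'] = $_SESSION['wsToken'];
             break;
         // 'NotExists' versus 'WrongPass' lets a caller tell whether an
         // account name exists.
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         default:
             // Presumably aborts the request; nothing below relies on it returning.
             ApiBase::dieDebug(__METHOD__, 'Unhandled case value');
     }
     $this->getResult()->addValue(null, 'login', $result);
 }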
 /**
  * Authenticates the given user name and password through LoginForm and
  * returns an AjaxResponse holding the outcome message wrapped in a
  * "pBody" div.
  *
  * NOTE(review): no login-token check is visible in this function; confirm
  * the AJAX entry point that calls it is protected against cross-site
  * requests.
  */
 function processLoginRequest($user, $pass)
 {
     global $wgUser, $wgRequest;
     $form = new LoginForm($wgRequest);
     // The caller-supplied credentials replace whatever the form picked up
     // from the request.
     $form->mName = $user;
     $form->mPassword = $pass;
     $html = '';
     $status = $form->authenticateUserData();
     switch ($status) {
         case LoginForm::SUCCESS:
             $wgUser->setCookies();
             $html = wfMsgWikiHtml('loginsuccess', $wgUser->getName());
             break;
         case LoginForm::NO_NAME:
         case LoginForm::ILLEGAL:
             $html = wfMsgWikiHtml('noname');
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $html = wfMsgWikiHtml('wrongpassword');
             break;
         case LoginForm::NOT_EXISTS:
             // The submitted name is echoed back, HTML-escaped first. This
             // message differs from the wrong-password one, so the response
             // tells the caller whether the account exists.
             $html = wfMsgWikiHtml('nosuchuser', htmlspecialchars($user));
             break;
         case LoginForm::WRONG_PASS:
             $html = wfMsgWikiHtml('wrongpassword');
             break;
         case LoginForm::EMPTY_PASS:
             $html = wfMsgWikiHtml('wrongpasswordempty');
             break;
         case LoginForm::RESET_PASS:
             $html = wfMsgWikiHtml('resetpass_announce');
             break;
         default:
             wfDebugDieBacktrace("Unhandled case value");
     }
     // The message is placed into the markup as-is; this presumably relies
     // on wfMsgWikiHtml() returning HTML that is already safe to emit.
     return new AjaxResponse("<div class=\"pBody\">{$html}</div>");
 }
Beispiel #5
 /**
  * Executes the log-in attempt using the parameters passed. If
  * the log-in succeeds, it attaches a cookie to the session
  * and outputs the user id, username, and session token. If a
  * log-in fails, as the result of a bad password, a nonexistent
  * user, or any other reason, the host is cached with an expiry
  * and no log-in attempts will be accepted until that expiry
  * is reached. The expiry is $this->mLoginThrottle.
  */
 public function execute()
 {
     global $wgCookiePrefix, $wgPasswordAttemptThrottle;
     $result = array();
     $params = $this->extractRequestParams();
     // Start a PHP session when none is active yet
     if (session_id() == '') {
         wfSetupSession();
     }
     // Authenticate against a derived context whose request carries the API
     // parameters (including the login token) under LoginForm's field names.
     $context = new DerivativeContext($this->getContext());
     $formFields = array(
         'wpName' => $params['name'],
         'wpPassword' => $params['password'],
         'wpDomain' => $params['domain'],
         'wpLoginToken' => $params['token'],
         'wpRemember' => '',
     );
     $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), $formFields));
     $loginForm = new LoginForm();
     $loginForm->setContext($context);
     $authRes = $loginForm->authenticateUserData();
     switch ($authRes) {
         case LoginForm::SUCCESS:
             // Promote the authenticated user from the derived context to
             // the real one before cookies are issued.
             $user = $context->getUser();
             $this->getContext()->setUser($user);
             $user->setOption('rememberpassword', 1);
             $user->setCookies($this->getRequest());
             ApiQueryInfo::resetTokenCache();
             // Run hooks.
             // @todo FIXME: Split back and frontend from this hook.
             // @todo FIXME: This hook should be placed in the backend
             $injected_html = '';
             wfRunHooks('UserLoginComplete', array(&$user, &$injected_html));
             // The user token and PHP session id go out in the response
             // body, so the response is credential-bearing.
             $result = array(
                 'result' => 'Success',
                 'lguserid' => (int) $user->getId(),
                 'lgusername' => $user->getName(),
                 'lgtoken' => $user->getToken(),
                 'cookieprefix' => $wgCookiePrefix,
                 'sessionid' => session_id(),
             );
             break;
         case LoginForm::NEED_TOKEN:
             // Hand out the login token; the session id is returned with it
             // so the caller can send both back on the next request.
             $result = array(
                 'result' => 'NeedToken',
                 'token' => $loginForm->getLoginToken(),
                 'cookieprefix' => $wgCookiePrefix,
                 'sessionid' => session_id(),
             );
             break;
         case LoginForm::WRONG_TOKEN:
             $result = array('result' => 'WrongToken');
             break;
         // 'NotExists' versus 'WrongPass' lets a caller tell whether an
         // account name exists.
         case LoginForm::NO_NAME:
             $result = array('result' => 'NoName');
             break;
         case LoginForm::ILLEGAL:
             $result = array('result' => 'Illegal');
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result = array('result' => 'WrongPluginPass');
             break;
         case LoginForm::NOT_EXISTS:
             $result = array('result' => 'NotExists');
             break;
         // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin - "The e-mailed temporary password should not be used for actual logins;"
         case LoginForm::RESET_PASS:
         case LoginForm::WRONG_PASS:
             $result = array('result' => 'WrongPass');
             break;
         case LoginForm::EMPTY_PASS:
             $result = array('result' => 'EmptyPass');
             break;
         case LoginForm::CREATE_BLOCKED:
             $result = array(
                 'result' => 'CreateBlocked',
                 'details' => 'Your IP address is blocked from account creation',
             );
             break;
         case LoginForm::THROTTLED:
             // Throttling is decided inside LoginForm; only the configured
             // wait in seconds is reported here.
             $result = array(
                 'result' => 'Throttled',
                 'wait' => (int) $wgPasswordAttemptThrottle['seconds'],
             );
             break;
         case LoginForm::USER_BLOCKED:
             $result = array('result' => 'Blocked');
             break;
         case LoginForm::ABORTED:
             // The reason is whatever the form recorded in
             // mAbortLoginErrorMsg, passed through unchanged.
             $result = array(
                 'result' => 'Aborted',
                 'reason' => $loginForm->mAbortLoginErrorMsg,
             );
             break;
         default:
             ApiBase::dieDebug(__METHOD__, 'Unhandled case value: ' . $authRes);
     }
     $this->getResult()->addValue(null, 'login', $result);
 }
Beispiel #6
 /**
  * Executes the log-in attempt using the parameters passed. If
  * the log-in succeeds, it attaches a cookie to the session
  * and outputs the user id, username, and session token. If a
  * log-in fails, as the result of a bad password, a nonexistent
  * user, or any other reason, the host is cached with an expiry
  * and no log-in attempts will be accepted until that expiry
  * is reached. The expiry is $this->mLoginThrottle.
  */
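 public function execute()
 {
     // If we're in a mode that breaks the same-origin policy, no tokens can
     // be obtained, so refuse to log in at all rather than continue without
     // the token check.
     if ($this->lacksSameOriginSecurity()) {
         $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied'));
         return;
     }
     $params = $this->extractRequestParams();
     $result = array();
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     // Authenticate against a derived context whose request carries the API
     // parameters (including the login token) under LoginForm's field names.
     $context = new DerivativeContext($this->getContext());
     $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => '')));
     $loginForm = new LoginForm();
     $loginForm->setContext($context);
     $authRes = $loginForm->authenticateUserData();
     switch ($authRes) {
         case LoginForm::SUCCESS:
             // Promote the authenticated user from the derived context to
             // the real one before cookies are issued.
             $user = $context->getUser();
             $this->getContext()->setUser($user);
             $user->setCookies($this->getRequest(), null, true);
             ApiQueryInfo::resetTokenCache();
             // Run hooks.
             // @todo FIXME: Split back and frontend from this hook.
             // @todo FIXME: This hook should be placed in the backend
             $injected_html = '';
             Hooks::run('UserLoginComplete', array(&$user, &$injected_html));
             // The user token and PHP session id go out in the response
             // body, so the response is credential-bearing.
             $result['result'] = 'Success';
             $result['lguserid'] = intval($user->getId());
             $result['lgusername'] = $user->getName();
             $result['lgtoken'] = $user->getToken();
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = session_id();
             break;
         case LoginForm::NEED_TOKEN:
             $result['result'] = 'NeedToken';
             $result['token'] = $loginForm->getLoginToken();
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = session_id();
             break;
         case LoginForm::WRONG_TOKEN:
             $result['result'] = 'WrongToken';
             break;
         // 'NotExists' versus 'WrongPass' lets a caller tell whether an
         // account name exists.
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
         // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin:
         // The e-mailed temporary password should not be used for actual logins.
         case LoginForm::RESET_PASS:
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         case LoginForm::CREATE_BLOCKED:
             $result['result'] = 'CreateBlocked';
             $result['details'] = 'Your IP address is blocked from account creation';
             $block = $context->getUser()->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::THROTTLED:
             $result['result'] = 'Throttled';
             $throttle = $this->getConfig()->get('PasswordAttemptThrottle');
             $result['wait'] = intval($throttle['seconds']);
             break;
         case LoginForm::USER_BLOCKED:
             $result['result'] = 'Blocked';
             // The name comes straight from the request. Guard the lookup so
             // a name that yields no User object cannot cause a call on a
             // non-object; block details are then simply left out.
             $blockedUser = User::newFromName($params['name']);
             $block = $blockedUser ? $blockedUser->getBlock() : null;
             if ($block) {
                 // Block details are returned to a caller that has not
                 // logged in. NOTE(review): confirm getBlockInfo() exposes
                 // only what an anonymous client may see.
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::ABORTED:
             $result['result'] = 'Aborted';
             $result['reason'] = $loginForm->mAbortLoginErrorMsg;
             break;
         default:
             ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
     }
     $this->getResult()->addValue(null, 'login', $result);
     // Audit record of the attempt: outcome flag and status code only; no
     // user name or password is passed to the logger here.
     LoggerFactory::getInstance('authmanager')->info('Login attempt', array('event' => 'login', 'successful' => $authRes === LoginForm::SUCCESS, 'status' => LoginForm::$statusCodes[$authRes]));
 }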
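 /**
  * Handles an AJAX log-in attempt or a "mail my password" request and adds
  * the outcome to the API result under 'ajaxlogin'.
  *
  * Which action runs depends on the request: a non-empty 'Loginattempt'
  * selects the log-in path, otherwise a non-empty 'Mailmypassword' selects
  * the password reminder path. When neither is set nothing is added.
  */
 public function execute()
 {
     // Read the expected parameters by key. extract() would turn every key
     // of the request-derived array into a local variable; named reads keep
     // this scope limited to what the method actually uses.
     $requestParams = $this->extractRequestParams();
     $Name = isset($requestParams['Name']) ? $requestParams['Name'] : null;
     $Password = isset($requestParams['Password']) ? $requestParams['Password'] : null;
     $Remember = isset($requestParams['Remember']) ? $requestParams['Remember'] : null;
     $Loginattempt = isset($requestParams['Loginattempt']) ? $requestParams['Loginattempt'] : null;
     $Mailmypassword = isset($requestParams['Mailmypassword']) ? $requestParams['Mailmypassword'] : null;
     $LoginToken = isset($requestParams['LoginToken']) ? $requestParams['LoginToken'] : null;
     if (!empty($Loginattempt)) {
         // Login attempt
         $fauxRequest = new FauxRequest(array('wpName' => $Name, 'wpPassword' => $Password, 'wpRemember' => $Remember, 'wpLoginattempt' => $Loginattempt, 'wpLoginToken' => $LoginToken));
         // Init session if necessary
         if (session_id() == '') {
             wfSetupSession();
         }
         $result = array();
         $loginForm = new LoginForm($fauxRequest);
         $caseCode = $loginForm->authenticateUserData();
         switch ($caseCode) {
             case LoginForm::RESET_PASS:
                 $result['result'] = 'Reset';
                 break;
             case LoginForm::SUCCESS:
                 global $wgUser;
                 $injected_html = '';
                 wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html));
                 $wgUser->setGlobalPreference('rememberpassword', $Remember ? 1 : 0);
                 $wgUser->setCookies();
                 // The login token goes out in the response body, so the
                 // response must be handled like a credential.
                 $result['result'] = 'Success';
                 $result['lguserid'] = $_SESSION['wsUserID'];
                 $result['lgusername'] = $_SESSION['wsUserName'];
                 $result['lgtoken'] = $_SESSION['wsToken'];
                 break;
             case LoginForm::NO_NAME:
                 $result['result'] = 'NoName';
                 $result['text'] = wfMsg('noname');
                 break;
             case LoginForm::ILLEGAL:
                 $result['result'] = 'Illegal';
                 $result['text'] = wfMsg('noname');
                 break;
             case LoginForm::WRONG_PLUGIN_PASS:
                 $result['result'] = 'WrongPluginPass';
                 $result['text'] = wfMsg('wrongpassword');
                 break;
             case LoginForm::NOT_EXISTS:
                 // The submitted name is echoed back, HTML-escaped first.
                 // 'NotExists' versus 'WrongPass' lets a caller tell whether
                 // an account name exists.
                 $result['result'] = 'NotExists';
                 $result['text'] = wfMsg('nosuchuser', htmlspecialchars($Name));
                 break;
             case LoginForm::WRONG_PASS:
                 $result['result'] = 'WrongPass';
                 // Default message; replaced below for closed accounts.
                 $result['text'] = wfMsg('wrongpassword');
                 $attemptedUser = User::newFromName($Name);
                 if (!is_null($attemptedUser)) {
                     $disOpt = $attemptedUser->getGlobalFlag('disabled');
                     // && binds tighter than ||: the account counts as closed
                     // when the 'disabled' flag is set, or when
                     // CLOSED_ACCOUNT_FLAG is defined and equals the real name.
                     if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                         // This tells a caller who has not authenticated
                         // that the account is closed.
                         $result['text'] = wfMsg('edit-account-closed-flag');
                     }
                 }
                 break;
             case LoginForm::EMPTY_PASS:
                 $result['result'] = 'EmptyPass';
                 $result['text'] = wfMsg('wrongpasswordempty');
                 break;
             case LoginForm::NEED_TOKEN:
             case LoginForm::WRONG_TOKEN:
                 $result['result'] = 'NeedToken';
                 $result['text'] = wfMsg('sessionfailure');
                 break;
             case LoginForm::THROTTLED:
                 $result['result'] = 'Throttled';
                 $result['text'] = wfMsg('login-throttled');
                 break;
             case LoginForm::ABORTED:
                 // The message key is whatever the form recorded in
                 // mAbortLoginErrorMsg.
                 $result['result'] = 'Aborted';
                 $result['text'] = wfMsg($loginForm->mAbortLoginErrorMsg);
                 break;
             default:
                 ApiBase::dieDebug(__METHOD__, "Unhandled case value: \"{$caseCode}\"");
         }
         $dbw = wfGetDB(DB_MASTER);
         $dbw->commit();
         $this->getResult()->addValue(null, 'ajaxlogin', $result);
     } elseif (!empty($Mailmypassword)) {
         // Password reminder attempt
         $result = $this->buildMailPasswordResult($Name);
         $dbw = wfGetDB(DB_MASTER);
         $dbw->commit();
         $this->getResult()->addValue(null, 'ajaxlogin', $result);
     }
 }

 /**
  * Runs the password reminder checks for the given name and returns the
  * 'result' / 'text' pair describing the first check that stops the
  * request, or 'OK' once the reminder mail has been sent.
  *
  * The 'nosuchuser' and 'passwordsent' outcomes differ, so the response
  * tells the caller whether the account exists.
  *
  * @param string|null $Name User name taken from the request
  * @return array
  */
 private function buildMailPasswordResult($Name)
 {
     global $wgUser, $wgAuth;
     $loginForm = new LoginForm(new FauxRequest(array('wpName' => $Name)));
     $loginForm->load();
     if (!$wgAuth->allowPasswordChange()) {
         return array('result' => 'resetpass_forbidden', 'text' => wfMsg('resetpass_forbidden'));
     }
     // A blocked requester may not trigger reminder mails.
     if ($wgUser->isBlocked()) {
         return array('result' => 'blocked-mailpassword', 'text' => wfMsg('blocked-mailpassword'));
     }
     if ('' == $loginForm->mUsername) {
         return array('result' => 'noname', 'text' => wfMsg('noname'));
     }
     $u = User::newFromName($loginForm->mUsername);
     if (empty($u)) {
         return array('result' => 'noname', 'text' => wfMsg('noname'));
     }
     if (0 == $u->getID()) {
         // NOTE(review): the name is passed to the message without
         // htmlspecialchars() here, unlike the log-in path; confirm how the
         // client renders 'text'.
         return array('result' => 'nosuchuser', 'text' => wfMsg('nosuchuser', $u->getName()));
     }
     // Per-user resend throttle for reminder mails.
     if ($u->isPasswordReminderThrottled()) {
         global $wgPasswordReminderResendTime;
         return array('result' => 'throttled-mailpassword', 'text' => wfMsg('throttled-mailpassword', round($wgPasswordReminderResendTime, 3)));
     }
     $res = $loginForm->mailPasswordInternal($u, true);
     if (!$res->isOK()) {
         return array('result' => 'mailerror', 'text' => wfMsg('mailerror', $res->getMessage()));
     }
     return array('result' => 'OK', 'text' => wfMsg('passwordsent', $u->getName()));
 }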
 /**
  * Logs in a user with given login name and password. If keeploggedin, sets a cookie.
  *
  * @requestParam string username
  * @requestParam string password
  * @requestParam string keeploggedin [true/false]
  * @responseParam string result [ok/error/unconfirm/resetpass]
  * @responseParam string msg - result message
  * @responseParam string errParam - error param
  */
 public function login()
 {
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     $loginForm = new LoginForm($this->wg->request);
     $loginForm->load();
     // MW1.19 uses different form field names, so copy each request value
     // onto the form by hand. A value only overrides what load() set when
     // it is non-empty in the request.
     if ($this->wg->request->getText('username', '') != '') {
         $loginForm->mUsername = $this->wg->request->getText('username');
     }
     if ($this->wg->request->getText('password', '') != '') {
         $loginForm->mPassword = $this->wg->request->getText('password');
     }
     if ($this->wg->request->getText('keeploggedin', '') != '') {
         $loginForm->mRemember = $this->wg->request->getCheck('keeploggedin');
     }
     if ($this->wg->request->getVal('loginToken', '') != '') {
         $loginForm->mToken = $this->wg->request->getVal('loginToken');
     }
     // NOTE(review): 'returnto' is request-controlled and stored unchanged;
     // where it is consumed is not visible here -- confirm it is restricted
     // to local targets before any redirect.
     if ($this->wg->request->getVal('returnto', '') != '') {
         $loginForm->mReturnTo = $this->wg->request->getVal('returnto');
     }
     $loginCase = $loginForm->authenticateUserData();
     switch ($loginCase) {
         case LoginForm::SUCCESS:
             // first check if user has confirmed email after sign up
             if ($this->wg->User->getGlobalFlag(self::NOT_CONFIRMED_SIGNUP_OPTION_NAME) && $this->wg->User->getGlobalAttribute(self::NOT_CONFIRMED_LOGIN_OPTION_NAME) !== self::NOT_CONFIRMED_LOGIN_ALLOWED) {
                 // User not confirmed on signup: the password was correct,
                 // but no login cookies are set on this path.
                 LoginForm::clearLoginToken();
                 $this->userLoginHelper->setNotConfirmedUserSession($this->wg->User->getId());
                 $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
                 $this->response->setValues(['result' => 'unconfirm', 'msg' => wfMessage('usersignup-confirmation-email-sent', $this->wg->User->getEmail())->parse()]);
             } else {
                 $result = '';
                 $resultMsg = '';
                 // A hook returning false vetoes the login: its result and
                 // message are returned and the break leaves the switch
                 // before any cookies are set.
                 if (!wfRunHooks('WikiaUserLoginSuccess', array($this->wg->User, &$result, &$resultMsg))) {
                     $this->response->setValues(['result' => $result, 'msg' => $resultMsg]);
                     break;
                 }
                 // Login successful
                 $injected_html = '';
                 wfRunHooks('UserLoginComplete', array(&$this->wg->User, &$injected_html));
                 // set rememberpassword option; settings are saved only when
                 // the stored preference differs from the submitted choice
                 if ((bool) $loginForm->mRemember != (bool) $this->wg->User->getGlobalPreference('rememberpassword')) {
                     $this->wg->User->setGlobalPreference('rememberpassword', $loginForm->mRemember ? 1 : 0);
                     $this->wg->User->saveSettings();
                 } else {
                     $this->wg->User->invalidateCache();
                 }
                 $this->wg->User->setCookies();
                 // The login token is single-use: clear it, together with
                 // the unconfirmed-user marker and the failed-attempt throttle.
                 LoginForm::clearLoginToken();
                 UserLoginHelper::clearNotConfirmedUserSession();
                 $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
                 // we're sure at this point we'll need the private field
                 // value in the template, so pass it along
                 $this->response->setValues(['username' => $loginForm->mUsername, 'result' => 'ok']);
                 // regenerate session ID on user login (the approach MW's core SpecialUserLogin uses)
                 // to avoid race conditions with long running requests logging the user back in & out
                 // @see PLATFORM-1028
                 wfResetSessionID();
             }
             break;
         case LoginForm::NEED_TOKEN:
         case LoginForm::WRONG_TOKEN:
             // Missing and wrong tokens are reported identically.
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-sessionfailure')->escaped()]);
             break;
         case LoginForm::NO_NAME:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-noname')->escaped(), 'errParam' => 'username']);
             break;
         // Unknown and illegal names get the 'nosuchuser' message with
         // errParam 'username', while a wrong password gets errParam
         // 'password'; the response therefore tells the caller whether the
         // account exists.
         case LoginForm::NOT_EXISTS:
         case LoginForm::ILLEGAL:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-nosuchuser')->escaped(), 'errParam' => 'username']);
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpassword')->escaped(), 'errParam' => 'password']);
             break;
         case LoginForm::WRONG_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpassword')->escaped(), 'errParam' => 'password']);
             $attemptedUser = User::newFromName($loginForm->mUsername);
             if (!is_null($attemptedUser)) {
                 $disOpt = $attemptedUser->getGlobalFlag('disabled');
                 // && binds tighter than ||: the account counts as closed when
                 // the 'disabled' flag is set, or when CLOSED_ACCOUNT_FLAG is
                 // defined and equals the real name.
                 if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                     # closed account: override the fail message. This tells a
                     # caller who has not authenticated that the account is closed.
                     $this->response->setValues(['msg' => wfMessage('userlogin-error-edit-account-closed-flag')->escaped(), 'errParam' => '']);
                 }
             }
             break;
         case LoginForm::EMPTY_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpasswordempty')->escaped(), 'errParam' => 'password']);
             break;
         case LoginForm::RESET_PASS:
             $this->response->setVal('result', 'resetpass');
             break;
         case LoginForm::THROTTLED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-login-throttled')->escaped()]);
             break;
         case LoginForm::CREATE_BLOCKED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-cantcreateaccount-text')->escaped()]);
             break;
         case LoginForm::USER_BLOCKED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-login-userblocked')->escaped()]);
             break;
         case LoginForm::ABORTED:
             // NOTE(review): this branch assigns $this->result / $this->msg
             // instead of calling $this->response->setValues() like the
             // others; presumably the properties are forwarded to the
             // response -- confirm. The message key is whatever the form
             // recorded in mAbortLoginErrorMsg.
             $this->result = 'error';
             $this->msg = wfMessage($loginForm->mAbortLoginErrorMsg)->escaped();
             break;
         default:
             throw new MWException("Unhandled case value");
     }
 }
Beispiel #9
 /**
  * Delegates to the parent implementation and keeps a copy of the returned
  * status in $this->authenticateStatus before handing it back.
  */
 function authenticateUserData()
 {
     return $this->authenticateStatus = parent::authenticateUserData();
 }
Beispiel #10
 /**
  * Executes the log-in attempt using the request parameters and adds the
  * outcome to the API result under the 'login' key.
  *
  * Order of checks, as written below: refuse when same-origin protection is
  * missing, persist the session, refuse when the session cannot change its
  * user, verify the login token, try a bot password when the name contains
  * the bot-password separator, and otherwise authenticate through LoginForm.
  * On success the user is set on the context, cookies are set and the
  * UserLoginComplete hook runs. Every attempt that reaches the status switch
  * is logged to the 'authmanager' channel.
  *
  * Throttling is not performed in this method: a THROTTLED status coming
  * back from LoginForm is only reported, with the wait taken from the
  * PasswordAttemptThrottle setting.
  */
 public function execute()
 {
     // If we're in a mode that breaks the same-origin policy, no tokens can
     // be obtained
     if ($this->lacksSameOriginSecurity()) {
         $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied'));
         return;
     }
     $params = $this->extractRequestParams();
     $result = array();
     // Make sure session is persisted
     $session = MediaWiki\Session\SessionManager::getGlobalSession();
     $session->persist();
     // Make sure it's possible to log in
     if (!$session->canSetUser()) {
         $this->getResult()->addValue(null, 'login', array('result' => 'Aborted', 'reason' => 'Cannot log in when using ' . $session->getProvider()->describe(Language::factory('en'))));
         return;
     }
     // $authRes stays false until one of the steps below decides the outcome;
     // each later step runs only while it is still false.
     $authRes = false;
     $context = new DerivativeContext($this->getContext());
     $loginType = 'N/A';
     // Check login token
     // No token in the session yet: create one and ask the client to retry.
     // A missing request token is treated the same way; a mismatch is an error.
     // NOTE(review): !== is not a constant-time comparison. hash_equals() is
     // the usual choice for comparing a secret token, if it is available on
     // the PHP versions this code must support -- confirm.
     $token = LoginForm::getLoginToken();
     if (!$token) {
         LoginForm::setLoginToken();
         $authRes = LoginForm::NEED_TOKEN;
     } elseif (!$params['token']) {
         $authRes = LoginForm::NEED_TOKEN;
     } elseif ($token !== $params['token']) {
         $authRes = LoginForm::WRONG_TOKEN;
     }
     // Try bot passwords
     // A failed bot-password login leaves $authRes at false, so the same
     // name/password pair is then also tried through the normal login below.
     if ($authRes === false && $this->getConfig()->get('EnableBotPasswords') && strpos($params['name'], BotPassword::getSeparator()) !== false) {
         $status = BotPassword::login($params['name'], $params['password'], $this->getRequest());
         if ($status->isOk()) {
             $session = $status->getValue();
             $authRes = LoginForm::SUCCESS;
             $loginType = 'BotPassword';
         } else {
             LoggerFactory::getInstance('authmanager')->info('BotPassword login failed: ' . $status->getWikiText());
         }
     }
     // Normal login
     // The credentials are handed to LoginForm through a derived request that
     // carries them under the form's own field names.
     if ($authRes === false) {
         $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => '')));
         $loginForm = new LoginForm();
         $loginForm->setContext($context);
         $authRes = $loginForm->authenticateUserData();
         $loginType = 'LoginForm';
     }
     // Map the status to the API result. NotExists, WrongPass and Blocked are
     // reported as distinct values, so a client can tell an unknown account
     // from a wrong password; this is part of the existing response format.
     switch ($authRes) {
         case LoginForm::SUCCESS:
             $user = $context->getUser();
             $this->getContext()->setUser($user);
             $user->setCookies($this->getRequest(), null, true);
             ApiQueryInfo::resetTokenCache();
             // Run hooks.
             // @todo FIXME: Split back and frontend from this hook.
             // @todo FIXME: This hook should be placed in the backend
             $injected_html = '';
             Hooks::run('UserLoginComplete', array(&$user, &$injected_html));
             $result['result'] = 'Success';
             $result['lguserid'] = intval($user->getId());
             $result['lgusername'] = $user->getName();
             // @todo: These are deprecated, and should be removed at some
             // point (1.28 at the earliest, and see T121527). They were ok
             // when the core cookie-based login was the only thing, but
             // CentralAuth broke that a while back and
             // SessionManager/AuthManager are *really* going to break it.
             // The user token and session id are returned in the response
             // body, so anything that stores or relays the response (logs,
             // proxies, client-side caches) also holds these values.
             $result['lgtoken'] = $user->getToken();
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = $session->getId();
             break;
         case LoginForm::NEED_TOKEN:
             $result['result'] = 'NeedToken';
             $result['token'] = LoginForm::getLoginToken();
             // @todo: See above about deprecation
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = $session->getId();
             break;
         case LoginForm::WRONG_TOKEN:
             $result['result'] = 'WrongToken';
             break;
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
         // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin:
         // The e-mailed temporary password should not be used for actual logins.
         case LoginForm::RESET_PASS:
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         case LoginForm::CREATE_BLOCKED:
             $result['result'] = 'CreateBlocked';
             $result['details'] = 'Your IP address is blocked from account creation';
             $block = $context->getUser()->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::THROTTLED:
             $result['result'] = 'Throttled';
             $throttle = $this->getConfig()->get('PasswordAttemptThrottle');
             $result['wait'] = intval($throttle['seconds']);
             break;
         case LoginForm::USER_BLOCKED:
             $result['result'] = 'Blocked';
             // NOTE(review): the return value of User::newFromName() is
             // dereferenced unchecked; confirm it is always an object for a
             // name that reached USER_BLOCKED.
             $block = User::newFromName($params['name'])->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::ABORTED:
             $result['result'] = 'Aborted';
             // Only the LoginForm path is expected to produce ABORTED, so
             // $loginForm is set here -- TODO confirm.
             $result['reason'] = $loginForm->mAbortLoginErrorMsg;
             break;
         default:
             ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
     }
     $this->getResult()->addValue(null, 'login', $result);
     // Audit record: one entry per attempt with the outcome and the path
     // ('BotPassword', 'LoginForm' or 'N/A') that produced it.
     LoggerFactory::getInstance('authmanager')->info('Login attempt', array('event' => 'login', 'successful' => $authRes === LoginForm::SUCCESS, 'loginType' => $loginType, 'status' => LoginForm::$statusCodes[$authRes]));
 }
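/**
 * This hook is registered by the Auth_remoteuser constructor.  It will be
 * called on every page load.  It serves the function of automatically logging
 * in the user.  The Auth_remoteuser class is an AuthPlugin and handles the
 * actual authentication, user creation, etc.
 *
 * Details:
 * 1. Check to see if the user has a session and is not anonymous.  If this is
 *    true, check whether REMOTE_USER matches the session user.  If so, we can
 *    just return; otherwise we must logout the session user and login as the
 *    REMOTE_USER.
 * 2. If the user doesn't have a session, we create a login form with our own
 *    fake request and ask the form to authenticate the user.  If the user does
 *    not exist authenticateUserData will attempt to create one.  The login form
 *    uses our Auth_remoteuser class as an AuthPlugin.
 *
 * Trust model: the value of $_SERVER['REMOTE_USER'] is the only credential.
 * The fake login form is submitted with an empty password, so the web server
 * in front of this code must be the only party able to set that variable.
 *
 * Note: If cookies are disabled, an infinite loop /might/ occur?
 *
 * @return void
 */
function Auth_remote_user_hook()
{
    global $wgUser, $wgRequest, $wgAuthRemoteuserDomain, $wgAuth;
    // For a few special pages, don't do anything.
    $title = $wgRequest->getVal('title');
    if ($title === Title::makeName(NS_SPECIAL, 'UserLogout') || $title === Title::makeName(NS_SPECIAL, 'UserLogin')) {
        return;
    }
    // Process the username if required
    if (!isset($_SERVER['REMOTE_USER'])) {
        return;
    }
    if (isset($wgAuthRemoteuserDomain) && strlen($wgAuthRemoteuserDomain)) {
        // NOTE(review): str_replace() removes every occurrence of the domain
        // marker, not only a leading "DOMAIN\" or a trailing "@DOMAIN".
        $username = str_replace("{$wgAuthRemoteuserDomain}\\", "", $_SERVER['REMOTE_USER']);
        $username = str_replace("@{$wgAuthRemoteuserDomain}", "", $username);
    } else {
        $username = $_SERVER['REMOTE_USER'];
    }
    // Check for valid session
    $user = User::newFromSession();
    if (!$user->isAnon()) {
        // Strict comparison: with ==, two different numeric-looking names
        // (for example "1000" and "1e3") compare equal, which would leave the
        // wrong account logged in.
        if ($user->getName() === $wgAuth->getCanonicalName($username)) {
            // Correct user is already logged in.
            return;
        }
        // Logout mismatched user.
        $user->doLogout();
    }
    // Copied from includes/SpecialUserlogin.php
    // NOTE(review): $wgCommandLineMode is not in this function's global list,
    // so isset() tests an unset local and the first operand is always true.
    // Left as is because declaring the global would change when the session
    // is set up.
    if (!isset($wgCommandLineMode) && !isset($_COOKIE[session_name()])) {
        wfSetupSession();
    }
    // If the login form returns NEED_TOKEN try once more with the right token
    $trycount = 0;
    $token = '';
    $errormessage = '';
    do {
        $tryagain = false;
        // Submit a fake login form to authenticate the user.
        $params = new FauxRequest(array('wpName' => $username, 'wpPassword' => '', 'wpDomain' => '', 'wpLoginToken' => $token, 'wpRemember' => ''));
        // Authenticate user data will automatically create new users.
        $loginForm = new LoginForm($params);
        $result = $loginForm->authenticateUserData();
        switch ($result) {
            case LoginForm::SUCCESS:
                $wgUser->setOption('rememberpassword', 1);
                $wgUser->setCookies();
                break;
            case LoginForm::NEED_TOKEN:
                $token = $loginForm->getLoginToken();
                // Retry only after the first pass, so the loop runs at most twice.
                $tryagain = $trycount === 0;
                break;
            case LoginForm::WRONG_TOKEN:
                $errormessage = 'WrongToken';
                break;
            case LoginForm::NO_NAME:
                $errormessage = 'NoName';
                break;
            case LoginForm::ILLEGAL:
                $errormessage = 'Illegal';
                break;
            case LoginForm::WRONG_PLUGIN_PASS:
                $errormessage = 'WrongPluginPass';
                break;
            case LoginForm::NOT_EXISTS:
                $errormessage = 'NotExists';
                break;
            case LoginForm::WRONG_PASS:
                $errormessage = 'WrongPass';
                break;
            case LoginForm::EMPTY_PASS:
                $errormessage = 'EmptyPass';
                break;
            default:
                $errormessage = 'Unknown';
                break;
        }
        // Any outcome other than success or a token request is unexpected for
        // a server-authenticated user and is written to the PHP error log.
        if ($result != LoginForm::SUCCESS && $result != LoginForm::NEED_TOKEN) {
            error_log('Unexpected REMOTE_USER authentication failure. Login Error was:' . $errormessage);
        }
        $trycount++;
    } while ($tryagain);
    return;
}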
Beispiel #12
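 /**
  * Executes the log-in attempt using the request parameters and adds the
  * outcome to the API result under the 'login' key.
  *
  * Order of checks, as written below: refuse when same-origin protection is
  * missing, persist the session, refuse when the session cannot change its
  * user, verify the session's login token, try a bot password when the name
  * contains the bot-password separator, and otherwise authenticate either
  * through LoginForm (when DisableAuthManager is set) or through a simplified
  * AuthManager login. Every attempt that reaches the status switch is logged
  * to the 'authmanager' channel.
  *
  * Throttling is not performed in this method: a THROTTLED status coming
  * back from LoginForm is only reported, with the wait read from the form.
  */
 public function execute()
 {
     // If we're in a mode that breaks the same-origin policy, no tokens can
     // be obtained
     if ($this->lacksSameOriginSecurity()) {
         $this->getResult()->addValue(null, 'login', ['result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied']);
         return;
     }
     $params = $this->extractRequestParams();
     $result = [];
     // Make sure session is persisted
     $session = MediaWiki\Session\SessionManager::getGlobalSession();
     $session->persist();
     // Make sure it's possible to log in
     if (!$session->canSetUser()) {
         $this->getResult()->addValue(null, 'login', ['result' => 'Aborted', 'reason' => 'Cannot log in when using ' . $session->getProvider()->describe(Language::factory('en'))]);
         return;
     }
     // $authRes stays false until one of the steps below decides the outcome;
     // each later step runs only while it is still false.
     $authRes = false;
     $context = new DerivativeContext($this->getContext());
     $loginType = 'N/A';
     // Check login token
     // A token that was only just created, or a request without one, asks the
     // client to retry; the comparison itself is delegated to $token->match().
     $token = $session->getToken('', 'login');
     if ($token->wasNew() || !$params['token']) {
         $authRes = 'NeedToken';
     } elseif (!$token->match($params['token'])) {
         $authRes = 'WrongToken';
     }
     // Try bot passwords
     // Unlike a fall-through design, a failed bot-password login is final
     // here: $authRes becomes 'Failed' and the main-account path is skipped.
     if ($authRes === false && $this->getConfig()->get('EnableBotPasswords') && strpos($params['name'], BotPassword::getSeparator()) !== false) {
         $status = BotPassword::login($params['name'], $params['password'], $this->getRequest());
         if ($status->isOK()) {
             $session = $status->getValue();
             $authRes = 'Success';
             $loginType = 'BotPassword';
         } else {
             $authRes = 'Failed';
             $message = $status->getMessage();
             LoggerFactory::getInstance('authmanager')->info('BotPassword login failed: ' . $status->getWikiText(false, false, 'en'));
         }
     }
     if ($authRes === false) {
         if ($this->getConfig()->get('DisableAuthManager')) {
             // Non-AuthManager login
             $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), ['wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpDomain' => $params['domain'], 'wpLoginToken' => $params['token'], 'wpRemember' => '']));
             $loginForm = new LoginForm();
             $loginForm->setContext($context);
             $authRes = $loginForm->authenticateUserData();
             $loginType = 'LoginForm';
             // Translate the two statuses that share handling with the
             // AuthManager path; every other LoginForm status keeps its
             // constant and is handled by the LoginForm cases further down.
             switch ($authRes) {
                 case LoginForm::SUCCESS:
                     $authRes = 'Success';
                     break;
                 case LoginForm::NEED_TOKEN:
                     $authRes = 'NeedToken';
                     break;
             }
         } else {
             // Simplified AuthManager login, for backwards compatibility
             $manager = AuthManager::singleton();
             $reqs = AuthenticationRequest::loadRequestsFromSubmission($manager->getAuthenticationRequests(AuthManager::ACTION_LOGIN, $this->getUser()), ['username' => $params['name'], 'password' => $params['password'], 'domain' => $params['domain'], 'rememberMe' => true]);
             $res = AuthManager::singleton()->beginAuthentication($reqs, 'null:');
             switch ($res->status) {
                 case AuthenticationResponse::PASS:
                     if ($this->getConfig()->get('EnableBotPasswords')) {
                         $warn = 'Main-account login via action=login is deprecated and may stop working ' . 'without warning.';
                         $warn .= ' To continue login with action=login, see [[Special:BotPasswords]].';
                         $warn .= ' To safely continue using main-account login, see action=clientlogin.';
                     } else {
                         $warn = 'Login via action=login is deprecated and may stop working without warning.';
                         $warn .= ' To safely log in, see action=clientlogin.';
                     }
                     $this->setWarning($warn);
                     $authRes = 'Success';
                     $loginType = 'AuthManager';
                     break;
                 case AuthenticationResponse::FAIL:
                     // Hope it's not a PreAuthenticationProvider that failed...
                     $authRes = 'Failed';
                     $message = $res->message;
                     \MediaWiki\Logger\LoggerFactory::getInstance('authentication')->info(__METHOD__ . ': Authentication failed: ' . $message->plain());
                     break;
                 default:
                     // Any response that is neither PASS nor FAIL (for
                     // example one asking for further input) cannot be
                     // continued through this module.
                     $authRes = 'Aborted';
                     break;
             }
         }
     }
     $result['result'] = $authRes;
     // NOTE(review): this switch mixes string labels with LoginForm constants
     // and compares loosely; the LoginForm cases overwrite $result['result']
     // with their own string.
     switch ($authRes) {
         case 'Success':
             if ($this->getConfig()->get('DisableAuthManager')) {
                 $user = $context->getUser();
                 $this->getContext()->setUser($user);
                 $user->setCookies($this->getRequest(), null, true);
             } else {
                 $user = $session->getUser();
             }
             ApiQueryInfo::resetTokenCache();
             // Deprecated hook
             $injected_html = '';
             Hooks::run('UserLoginComplete', [&$user, &$injected_html]);
             $result['lguserid'] = intval($user->getId());
             $result['lgusername'] = $user->getName();
             // @todo: These are deprecated, and should be removed at some
             // point (1.28 at the earliest, and see T121527). They were ok
             // when the core cookie-based login was the only thing, but
             // CentralAuth broke that a while back and
             // SessionManager/AuthManager *really* break it.
             // The user token and session id are returned in the response
             // body, so anything that stores or relays the response (logs,
             // proxies, client-side caches) also holds these values.
             $result['lgtoken'] = $user->getToken();
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = $session->getId();
             break;
         case 'NeedToken':
             $result['token'] = $token->toString();
             $this->setWarning('Fetching a token via action=login is deprecated. ' . 'Use action=query&meta=tokens&type=login instead.');
             $this->logFeatureUsage('action=login&!lgtoken');
             // @todo: See above about deprecation
             $result['cookieprefix'] = $this->getConfig()->get('CookiePrefix');
             $result['sessionid'] = $session->getId();
             break;
         case 'WrongToken':
             break;
         case 'Failed':
             // Pass the boolean false: the string 'false' is non-empty and
             // therefore truthy in PHP, which left the database lookup for
             // the message switched on instead of off.
             $result['reason'] = $message->useDatabase(false)->inLanguage('en')->text();
             break;
         case 'Aborted':
             $result['reason'] = 'Authentication requires user interaction, ' . 'which is not supported by action=login.';
             if ($this->getConfig()->get('EnableBotPasswords')) {
                 $result['reason'] .= ' To be able to login with action=login, see [[Special:BotPasswords]].';
                 $result['reason'] .= ' To continue using main-account login, see action=clientlogin.';
             } else {
                 $result['reason'] .= ' To log in, see action=clientlogin.';
             }
             break;
         // Results from LoginForm for when $wgDisableAuthManager is true
         case LoginForm::WRONG_TOKEN:
             $result['result'] = 'WrongToken';
             break;
         case LoginForm::NO_NAME:
             $result['result'] = 'NoName';
             break;
         case LoginForm::ILLEGAL:
             $result['result'] = 'Illegal';
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $result['result'] = 'WrongPluginPass';
             break;
         case LoginForm::NOT_EXISTS:
             $result['result'] = 'NotExists';
             break;
         // bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin:
         // The e-mailed temporary password should not be used for actual logins.
         case LoginForm::RESET_PASS:
         case LoginForm::WRONG_PASS:
             $result['result'] = 'WrongPass';
             break;
         case LoginForm::EMPTY_PASS:
             $result['result'] = 'EmptyPass';
             break;
         case LoginForm::CREATE_BLOCKED:
             $result['result'] = 'CreateBlocked';
             $result['details'] = 'Your IP address is blocked from account creation';
             $block = $context->getUser()->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::THROTTLED:
             $result['result'] = 'Throttled';
             $result['wait'] = intval($loginForm->mThrottleWait);
             break;
         case LoginForm::USER_BLOCKED:
             $result['result'] = 'Blocked';
             // NOTE(review): the return value of User::newFromName() is
             // dereferenced unchecked; confirm it is always an object for a
             // name that reached USER_BLOCKED.
             $block = User::newFromName($params['name'])->getBlock();
             if ($block) {
                 $result = array_merge($result, ApiQueryUserInfo::getBlockInfo($block));
             }
             break;
         case LoginForm::ABORTED:
             $result['result'] = 'Aborted';
             $result['reason'] = $loginForm->mAbortLoginErrorMsg;
             break;
         default:
             ApiBase::dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
     }
     $this->getResult()->addValue(null, 'login', $result);
     // For the LoginForm path, log the status name instead of the raw
     // constant so the audit record reads the same for every login type.
     if ($loginType === 'LoginForm' && isset(LoginForm::$statusCodes[$authRes])) {
         $authRes = LoginForm::$statusCodes[$authRes];
     }
     LoggerFactory::getInstance('authmanager')->info('Login attempt', ['event' => 'login', 'successful' => $authRes === 'Success', 'loginType' => $loginType, 'status' => $authRes]);
 }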
Beispiel #13
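 /**
  * Handles the two request kinds of this module and reports under the
  * 'ajaxlogin' key of the API result:
  *  - Loginattempt: submits the supplied credentials through a LoginForm
  *    built on a FauxRequest and maps the returned status to a result code
  *    and, for most failures, a message text;
  *  - Mailmypassword: runs the password-reminder checks and, when they pass,
  *    calls LoginForm::mailPasswordInternal().
  * When neither parameter is set nothing is added to the result.
  *
  * Both branches report an unknown account differently from other failures
  * ('NotExists' / 'nosuchuser'), so a client can tell whether a name is
  * registered; this is part of the existing response format.
  */
 public function execute()
 {
     wfSetupSession();
     $Name = $Password = $Remember = $Loginattempt = $Mailmypassword = $Token = null;
     // NOTE(review): extract() creates one local per key of the parameter
     // array. That is only safe while extractRequestParams() returns nothing
     // but this module's declared parameters -- confirm. The global
     // declarations below are placed after this call on purpose, so an
     // extracted key can never be written into a global.
     extract($this->extractRequestParams());
     if (!empty($Loginattempt)) {
         // Login attempt
         // Declared before the switch: a global statement inside one case is
         // skipped when another case is taken, which left $wgCookiePrefix
         // undefined in the NeedToken response.
         global $wgUser, $wgCookiePrefix;
         $params = new FauxRequest(array('wpName' => $Name, 'wpPassword' => $Password, 'wpRemember' => $Remember, 'wpLoginattempt' => $Loginattempt, 'wpLoginToken' => $Token));
         $result = array();
         $loginForm = new LoginForm($params);
         switch ($loginForm->authenticateUserData()) {
             case LoginForm::RESET_PASS:
                 $result['result'] = 'Reset';
                 break;
             case LoginForm::SUCCESS:
                 $wgUser->setOption('rememberpassword', $Remember ? 1 : 0);
                 $wgUser->setCookies();
                 $result['result'] = 'Success';
                 $result['lguserid'] = intval($wgUser->getId());
                 $result['lgusername'] = $wgUser->getName();
                 // The user token and session id are returned in the response
                 // body, so anything that stores or relays the response also
                 // holds these values.
                 $result['lgtoken'] = $wgUser->getToken();
                 $result['cookieprefix'] = $wgCookiePrefix;
                 $result['sessionid'] = session_id();
                 break;
             case LoginForm::NEED_TOKEN:
                 $result['result'] = 'NeedToken';
                 $result['token'] = $loginForm->getLoginToken();
                 $result['cookieprefix'] = $wgCookiePrefix;
                 $result['sessionid'] = session_id();
                 break;
             case LoginForm::WRONG_TOKEN:
                 $result['result'] = 'WrongToken';
                 break;
             case LoginForm::NO_NAME:
                 $result['result'] = 'NoName';
                 $result['text'] = wfMsg('noname');
                 break;
             case LoginForm::ILLEGAL:
                 $result['result'] = 'Illegal';
                 $result['text'] = wfMsg('noname');
                 break;
             case LoginForm::WRONG_PLUGIN_PASS:
                 $result['result'] = 'WrongPluginPass';
                 $result['text'] = wfMsg('wrongpassword');
                 break;
             case LoginForm::NOT_EXISTS:
                 $result['result'] = 'NotExists';
                 // The name comes from the request, so it is HTML-escaped
                 // before being placed into the message text.
                 $result['text'] = wfMsg('al-nosuchuser', htmlspecialchars($Name));
                 break;
             // RESET_PASS is handled by the first case of this switch; the
             // second, unreachable RESET_PASS label that used to sit here
             // was removed.
             case LoginForm::WRONG_PASS:
                 $result['result'] = 'WrongPass';
                 $result['text'] = wfMsg('wrongpassword');
                 break;
             case LoginForm::EMPTY_PASS:
                 $result['result'] = 'EmptyPass';
                 $result['text'] = wfMsg('wrongpasswordempty');
                 break;
             case LoginForm::CREATE_BLOCKED:
                 $result['result'] = 'CreateBlocked';
                 $result['text'] = wfMsg('al-createblocked');
                 break;
             case LoginForm::THROTTLED:
                 global $wgPasswordAttemptThrottle, $wgLang;
                 $result['result'] = 'Throttled';
                 $result['text'] = wfMsgExt('al-throttled', 'parsemag', $wgLang->formatNum(intval($wgPasswordAttemptThrottle['seconds'])));
                 break;
             case LoginForm::USER_BLOCKED:
                 $result['result'] = 'Blocked';
                 break;
             default:
                 ApiBase::dieDebug(__METHOD__, 'Unhandled case value');
         }
         $dbw = wfGetDB(DB_MASTER);
         $dbw->commit();
         $this->getResult()->addValue(null, 'ajaxlogin', $result);
     } elseif (!empty($Mailmypassword)) {
         // Remind password attempt
         $params = new FauxRequest(array('wpName' => $Name));
         $result = array();
         $loginForm = new LoginForm($params);
         global $wgUser, $wgAuth;
         // Checks run in this order: password changes allowed at all, the
         // requesting user not blocked, a usable name, an existing account,
         // and the reminder throttle. Only then is the mail sent.
         if (!$wgAuth->allowPasswordChange()) {
             $result['result'] = 'resetpass_forbidden';
             $result['text'] = wfMsg('resetpass_forbidden');
         } elseif ($wgUser->isBlocked()) {
             $result['result'] = 'blocked-mailpassword';
             $result['text'] = wfMsg('blocked-mailpassword');
         } elseif ('' == $loginForm->mName) {
             $result['result'] = 'noname';
             $result['text'] = wfMsg('noname');
         } else {
             $u = User::newFromName($loginForm->mName);
             if (is_null($u)) {
                 $result['result'] = 'noname';
                 $result['text'] = wfMsg('noname');
             } elseif (0 == $u->getID()) {
                 $result['result'] = 'nosuchuser';
                 $result['text'] = wfMsg('al-nosuchuser', $u->getName());
             } elseif ($u->isPasswordReminderThrottled()) {
                 global $wgPasswordReminderResendTime;
                 $result['result'] = 'throttled-mailpassword';
                 $result['text'] = wfMsg('throttled-mailpassword', round($wgPasswordReminderResendTime, 3));
             } else {
                 $res = $loginForm->mailPasswordInternal($u, true);
                 if (WikiError::isError($res)) {
                     $result['result'] = 'mailerror';
                     $result['text'] = wfMsg('mailerror', $res->getMessage());
                 } else {
                     $result['result'] = 'OK';
                     $result['text'] = wfMsg('passwordsent', $u->getName());
                 }
             }
         }
         $dbw = wfGetDB(DB_MASTER);
         $dbw->commit();
         $this->getResult()->addValue(null, 'ajaxlogin', $result);
     }
 }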