/**
* Confirm email page.
* @requestParam string code - on GET, POST
* @requestParam string username - on POST
* @requestParam string password - on POST
* @responseParam string result [ok/error]
* @responseParam string msg - result messages
* @responseParam string errParam - error param
*/
public function index()
{
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
// hide things in the skin
$this->wg->SuppressWikiHeader = false;
$this->wg->SuppressPageHeader = false;
$this->wg->SuppressFooter = true;
$this->wg->SuppressAds = true;
$this->wg->SuppressToolbar = true;
$this->wg->Out->setPageTitle(wfMsg('wikiaconfirmemail-heading'));
$par = $this->request->getVal('par', '');
$this->code = $this->request->getVal('code', $par);
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
if ($this->code == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-empty-code');
return;
}
if ($this->wg->request->wasPosted()) {
if ($this->username == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-noname');
$this->errParam = 'username';
return;
}
if ($this->password == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpasswordempty');
$this->errParam = 'password';
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!is_object($expUser)) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-invalid-code');
return;
}
// User - activate user, confirm email and redirect to user page or create new wiki
$tempUser = TempUser::getTempUserFromName($this->username);
if ($tempUser) {
if ($tempUser->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
$this->errParam = 'username';
return;
}
$userLoginHelper = F::build('UserLoginHelper');
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-login-throttled');
$this->errParam = 'password';
return;
}
$user = $tempUser->mapTempUserToUser(false);
if ($user->checkPassword($this->password)) {
$this->wg->user = $tempUser->activateUser($user);
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
TempUser::clearTempUserSession();
$userLoginHelper->clearPasswordThrottle($this->username);
// redirect user
if ($tempUser->getSource() == '') {
$titleObj = $this->wg->User->getUserPage();
$query = '';
} else {
$titleObj = SpecialPage::getTitleFor('CreateNewWiki');
$query = $tempUser->getSource();
}
$this->wg->out->redirect($titleObj->getFullURL($query));
return;
} else {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
$this->errParam = 'password';
return;
}
}
// User - confirm email and redirect to user page
$user = User::newFromName($this->username);
if (!$user instanceof User || $user->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
$this->errParam = 'username';
return;
}
// set login token
$this->wg->request->setVal('loginToken', UserLoginHelper::getLoginToken());
// login
$response = $this->app->sendRequest('UserLoginSpecial', 'login');
$this->result = $response->getVal('result', '');
$this->msg = $response->getVal('msg', '');
$this->errParam = $response->getVal('errParam', '');
if ($this->result == 'ok') {
$optionNewEmail = $this->wg->User->getOption('new_email');
if (!empty($optionNewEmail)) {
$user->setEmail($optionNewEmail);
}
$user->confirmEmail();
$user->setOption('new_email', null);
$user->saveSettings();
$this->wf->RunHooks('ConfirmEmailComplete', array(&$user));
// redirect user
$userPage = $user->getUserPage();
$this->wg->out->redirect($userPage->getFullURL());
}
}
}
/**
* send confirmation reminder
* @param integer $fromUserId
* @param integer $toUserId
* @param integer $range
* @param string $condition
*/
function sendReminder($fromUserId, $toUserId, $range, $condition)
{
global $wgCityId, $wgServer;
wfProfileIn(__METHOD__);
$condition .= " and user_wiki_id = " . $wgCityId;
// get scope
if (empty($fromUserId) || empty($toUserId)) {
getScope($fromUserId, $toUserId, $condition);
}
// update url
$wgServer = WikiFactory::getVarValueByName('wgServer', $wgCityId);
$cnt = 0;
do {
$to = $toUserId - $fromUserId > $range ? $fromUserId + $range : $toUserId;
echo "WikiId {$wgCityId}: Sending reminder (UserId {$fromUserId} to {$to})...\n";
$users = getTempUsers($fromUserId, $to, $condition);
foreach ($users as $username) {
$tempUser = TempUser::getTempUserFromName($username);
// send reminder email
$user = $tempUser->mapTempUserToUser();
$userLoginHelper = F::build('UserLoginHelper');
$result = $userLoginHelper->sendConfirmationReminderEmail($user);
if (!$result->isGood()) {
echo "Error: Cannot Send reminder to temp user (id=" . $tempUser->getId() . ", email=" . $tempUser->getEmail() . "): " . $result->getMessage() . "\n";
} else {
$tempUser->saveSettingsTempUserToUser($user);
$cnt++;
echo "Sent reminder to temp user (id=" . $tempUser->getId() . ", email=" . $tempUser->getEmail() . ").\n";
}
}
$fromUserId = $to;
} while ($fromUserId < $toUserId);
echo "WikiId {$wgCityId}: Total {$cnt} confirmation reminder emails sent.\n";
wfProfileOut(__METHOD__);
}
/**
* Retrieves and shows the gathered info to the user
* @param $target Mixed: user whose info we're looking up
*/
function showInfo($target, $emailUser = "")
{
global $wgOut, $wgLang, $wgScript, $wgEnableWallExt, $wgEnableUserLoginExt;
//Small Stuff Week - adding table from Special:LookupContribs --nAndy
global $wgExtensionsPath, $wgJsMimeType, $wgResourceBasePath, $wgEnableLookupContribsExt;
/**
* look for @ in username
*/
$count = 0;
$aUsers = array();
$userTarget = "";
if (strpos($target, '@') !== false) {
/**
* find username by email
*/
$emailUser = htmlspecialchars($emailUser);
$dbr = wfGetDB(DB_SLAVE);
$oRes = $dbr->select("user", "user_name", array("user_email" => $target), __METHOD__);
$loop = 0;
while ($oRow = $dbr->fetchObject($oRes)) {
if ($loop === 0) {
$userTarget = $oRow->user_name;
}
if (!empty($emailUser) && $emailUser == $oRow->user_name) {
$userTarget = $emailUser;
}
$aUsers[] = $oRow->user_name;
$loop++;
}
$count = $loop;
}
$user = User::newFromName(!empty($userTarget) ? $userTarget : $target);
$tempUser = false;
if ($user == null || $user->getId() == 0) {
// Check if a temporary user is at this name
if (!empty($wgEnableUserLoginExt)) {
$tempUser = TempUser::getTempUserFromName(!empty($userTarget) ? $userTarget : $target);
}
if ($tempUser) {
$user = $tempUser->mapTempUserToUser(false);
} else {
$wgOut->addWikiText('<span class="error">' . wfMsg('lookupuser-nonexistent', $target) . '</span>');
return;
}
}
if ($count > 1) {
$options = array();
if (!empty($aUsers) && is_array($aUsers)) {
foreach ($aUsers as $id => $userName) {
$options[] = XML::option($userName, $userName, $userName == $userTarget);
}
}
$selectForm = Xml::openElement('select', array('id' => 'email_user', 'name' => "email_user"));
$selectForm .= "\n" . implode("\n", $options) . "\n";
$selectForm .= Xml::closeElement('select');
$selectForm .= "({$count})";
$wgOut->addHTML(Xml::openElement('fieldset') . "\n" . Xml::openElement('form', array('method' => 'get', 'action' => $wgScript)) . "\n" . Html::hidden('title', $this->getTitle()->getPrefixedText()) . "\n" . Html::hidden('target', $target) . "\n" . Xml::openElement('table', array('border' => '0')) . "\n" . Xml::openElement('tr') . "\n" . Xml::openElement('td', array('align' => 'right')) . wfMsgHtml('lookupuser-foundmoreusers') . Xml::closeElement('td') . "\n" . Xml::openElement('td', array('align' => 'left')) . "\n" . $selectForm . Xml::closeElement('td') . "\n" . Xml::openElement('td', array('colspan' => '2', 'align' => 'center')) . Xml::submitButton(wfMsgHtml('go')) . Xml::closeElement('td') . "\n" . Xml::closeElement('tr') . "\n" . Xml::closeElement('table') . "\n" . Xml::closeElement('form') . "\n" . Xml::closeElement('fieldset'));
}
$authTs = $user->getEmailAuthenticationTimestamp();
if ($authTs) {
$authenticated = wfMsg('lookupuser-authenticated', $wgLang->timeanddate($authTs));
} else {
$authenticated = wfMsg('lookupuser-not-authenticated');
}
$optionsString = '';
foreach ($user->getOptions() as $name => $value) {
$optionsString .= "{$name} = {$value} <br />";
}
$name = $user->getName();
if ($user->getEmail()) {
$email = $user->getEmail();
$email_output = wfMsg('lookupuser-email', $email, $name);
} else {
$email_output = wfMsg('lookupuser-no-email');
}
if ($user->getRegistration()) {
$registration = $wgLang->timeanddate($user->getRegistration());
} else {
$registration = wfMsg('lookupuser-no-registration');
}
$wgOut->addWikiText('*' . wfMsg('username') . ' [[User:'******'|' . $name . ']] (' . $wgLang->pipeList(array('<span id="lu-tools">[[' . (!empty($wgEnableWallExt) ? 'Message Wall:' . $name . '|' . wfMsg('wall-message-wall-shorten') : 'User talk:' . $name . '|' . wfMsg('talkpagelinktext')) . ']]', '[[Special:Contributions/' . $name . '|' . wfMsg('contribslink') . ']]</span>)')));
$wgOut->addWikiText('*' . wfMsgForContent('lookupuser-toollinks', $name, urlencode($name)));
$wgOut->addWikiText('*' . wfMsg('lookupuser-id', $user->getId()));
if (!empty($tempUser)) {
$userStatus = wfMsg('lookupuser-account-status-tempuser');
} else {
$userStatus = wfMsg('lookupuser-account-status-realuser');
}
$wgOut->addWikiText('*' . wfMsg('lookupuser-account-status') . $userStatus);
$wgOut->addWikiText('*' . $email_output);
$wgOut->addWikiText('*' . wfMsg('lookupuser-realname', $user->getRealName()));
$wgOut->addWikiText('*' . wfMsg('lookupuser-registration', $registration));
$wgOut->addWikiText('*' . wfMsg('lookupuser-touched', $wgLang->timeanddate($user->mTouched)));
$wgOut->addWikiText('*' . wfMsg('lookupuser-info-authenticated', $authenticated));
//Begin: Small Stuff Week - adding table from Special:LookupContribs --nAndy
if (!empty($wgEnableLookupContribsExt)) {
$wgOut->addExtensionStyle("{$wgExtensionsPath}/wikia/LookupContribs/css/table.css");
$wgOut->addExtensionStyle("{$wgExtensionsPath}/wikia/LookupUser/css/lookupuser.css");
$wgOut->addScript("<script type=\"{$wgJsMimeType}\" src=\"{$wgResourceBasePath}/resources/wikia/libraries/jquery/datatables/jquery.dataTables.min.js\"></script>\n");
//checking and setting User::mBlockedGlobally if needed
//only for this instance of class User
if (class_exists('UserBlock')) {
UserBlock::blockCheck($user);
}
$oTmpl = new EasyTemplate(dirname(__FILE__) . "/templates/");
$oTmpl->set_vars(array('username' => $name, 'isUsernameGloballyBlocked' => $user->isBlockedGlobally()));
$wgOut->addHTML($oTmpl->render('contribution.table'));
} else {
$wgOut->addWikiText('*' . wfMsg('lookupuser-table-cannot-be-displayed'));
}
//End: Small Stuff Week
$wgOut->addWikiText('*' . wfMsg('lookupuser-useroptions') . '<br />' . $optionsString);
}
/**
* @brief logs in a user with given login name and password. if keeploggedin, sets a cookie.
* @details
* @requestParam string username
* @requestParam string password
* @requestParam string keeploggedin [true/false]
* @responseParam string result [ok/error/unconfirm/resetpass]
* @responseParam string msg - result message
* @responseParam string errParam - error param
*/
public function login()
{
// Init session if necessary
if (session_id() == '') {
$this->wf->SetupSession();
}
$loginForm = F::build('LoginForm', array(&$this->wg->request));
$loginForm->load();
// MW1.19 uses different form fields names
// set variables
if ($this->wg->request->getText('username', '') != '') {
$loginForm->mUsername = $this->wg->request->getText('username');
}
if ($this->wg->request->getText('password', '') != '') {
$loginForm->mPassword = $this->wg->request->getText('password');
}
if ($this->wg->request->getText('keeploggedin', '') != '') {
$loginForm->mRemember = $this->wg->request->getCheck('keeploggedin');
}
if ($this->wg->request->getVal('loginToken', '') != '') {
$loginForm->mToken = $this->wg->request->getVal('loginToken');
}
if ($this->wg->request->getVal('returnto', '') != '') {
$loginForm->mReturnTo = $this->wg->request->getVal('returnto');
}
$loginCase = $loginForm->authenticateUserData();
switch ($loginCase) {
case LoginForm::SUCCESS:
$injected_html = '';
wfRunHooks('UserLoginComplete', array(&$this->wg->User, &$injected_html));
// set rememberpassword option
if ((bool) $loginForm->mRemember != (bool) $this->wg->User->getOption('rememberpassword')) {
$this->wg->User->setOption('rememberpassword', $loginForm->mRemember ? 1 : 0);
$this->wg->User->saveSettings();
} else {
$this->wg->User->invalidateCache();
}
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
TempUser::clearTempUserSession();
$this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
$this->result = 'ok';
break;
case LoginForm::NEED_TOKEN:
case LoginForm::WRONG_TOKEN:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-sessionfailure');
break;
case LoginForm::NO_NAME:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-noname');
$this->errParam = 'username';
break;
case LoginForm::ILLEGAL:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-nosuchuser');
$this->errParam = 'username';
break;
case LoginForm::NOT_EXISTS:
$tempUser = F::build('TempUser', array($loginForm->mUsername), 'getTempUserFromName');
if ($tempUser) {
if ($this->userLoginHelper->isPasswordThrottled($loginForm->mUsername)) {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-login-throttled');
} else {
$user = $tempUser->mapTempUserToUser(false);
if ($user->checkPassword($loginForm->mPassword)) {
LoginForm::clearLoginToken();
$tempUser->setTempUserSession();
$this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
// set lang for unconfirmed user
$langCode = $user->getOption('language');
if ($this->wg->User->getOption('language') != $langCode) {
$this->wg->User->setOption('language', $langCode);
}
$this->result = 'unconfirm';
$this->msg = $this->wf->MsgExt('usersignup-confirmation-email-sent', array('parseinline'), $tempUser->getEmail());
} else {
if ($user->checkTemporaryPassword($loginForm->mPassword)) {
$this->result = 'resetpass';
} else {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
$this->errParam = 'password';
}
}
}
} else {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-nosuchuser');
$this->errParam = 'username';
}
break;
case LoginForm::WRONG_PLUGIN_PASS:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
$this->errParam = 'password';
break;
case LoginForm::WRONG_PASS:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
$this->errParam = 'password';
$attemptedUser = F::build('User', array($loginForm->mUsername), 'newFromName');
if (!is_null($attemptedUser)) {
$disOpt = $attemptedUser->getOption('disabled');
if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
#either closed account flag was present, override fail message
$this->msg = $this->wf->Msg('userlogin-error-edit-account-closed-flag');
$this->errParam = '';
}
}
break;
case LoginForm::EMPTY_PASS:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpasswordempty');
$this->errParam = 'password';
break;
case LoginForm::RESET_PASS:
$this->result = 'resetpass';
break;
case LoginForm::THROTTLED:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-login-throttled');
break;
case LoginForm::CREATE_BLOCKED:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-cantcreateaccount-text');
break;
case LoginForm::USER_BLOCKED:
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-login-userblocked');
break;
default:
throw new MWException("Unhandled case value");
}
}
public function initUser($u, $autocreate, $createTempUser = true)
{
global $wgAuth, $wgExternalAuthType;
// for FBconnect we don't want to create temp users
if ($createTempUser === false) {
return parent::initUser($u, $autocreate);
}
// add TempUser, update User object, set TempUser session
$tempUser = TempUser::createNewFromUser($u, $this->mReturnTo);
if ($wgExternalAuthType) {
$u = ExternalUser::addUser($u, "", "", "");
if (is_object($u)) {
$this->mExtUser = ExternalUser::newFromName($this->mUsername);
}
} else {
$u->addToDatabase();
}
$u->setToken();
$wgAuth->initUser($u, $autocreate);
if (is_object($this->mExtUser)) {
$this->mExtUser->linkToLocal($u->getId());
}
$u->setOption('rememberpassword', $this->mRemember ? 1 : 0);
$u->setOption('marketingallowed', $this->mMarketingOptIn ? 1 : 0);
if ($this->mLanguage) {
$u->setOption('language', $this->mLanguage);
}
$u->setOption('skinoverwrite', 1);
$u->setPassword($this->mPassword);
$tempUser->setPassword($u->mPassword);
$tempUser->setId($u->getId());
$tempUser->addToDatabase();
wfRunHooks('AddNewAccountTempUser', array($u, false));
$tempUser->saveSettingsTempUserToUser($u);
$tempUser->setTempUserSession();
return $u;
}
/**
* Show the special page
*
* @param $par Mixed: parameter passed to the page or null
*/
public function execute($par)
{
global $wgOut, $wgUser, $wgRequest, $wgEnableUserLoginExt;
// Set page title and other stuff
$this->setHeaders();
# If the user isn't permitted to access this special page, display an error
if (!$wgUser->isAllowed('editaccount')) {
throw new PermissionsError('editaccount');
}
# Show a message if the database is in read-only mode
if (wfReadOnly()) {
$wgOut->readOnlyPage();
return;
}
# If user is blocked, s/he doesn't need to access this page
if ($wgUser->isBlocked()) {
throw new UserBlockedError($this->getUser()->mBlock);
}
$action = $wgRequest->getVal('wpAction');
#get name to work on. subpage is supported, but form submit name trumps
$userName = $wgRequest->getVal('wpUserName', $par);
if ($userName !== null) {
#got a name, clean it up
$userName = str_replace("_", " ", trim($userName));
$userName = ucfirst($userName);
# user names begin with a capital letter
// check if user name is an existing user
if (User::isValidUserName($userName)) {
$this->mUser = User::newFromName($userName);
$id = $this->mUser->idFromName($userName);
if (empty($action)) {
$action = 'displayuser';
}
if (empty($id)) {
if (!empty($wgEnableUserLoginExt)) {
$this->mTempUser = TempUser::getTempUserFromName($userName);
}
if ($this->mTempUser) {
$id = $this->mTempUser->getId();
$this->mUser = User::newFromId($id);
} else {
$this->mStatus = false;
$this->mStatusMsg = wfMsg('editaccount-nouser', $userName);
$action = '';
}
}
}
}
// FB:23860
if (!$this->mUser instanceof User) {
$action = '';
}
switch ($action) {
case 'setemail':
$newEmail = $wgRequest->getVal('wpNewEmail');
$this->mStatus = $this->setEmail($newEmail);
$template = 'displayuser';
break;
case 'setpass':
$newPass = $wgRequest->getVal('wpNewPass');
$this->mStatus = $this->setPassword($newPass);
$template = 'displayuser';
break;
case 'setrealname':
$newRealName = $wgRequest->getVal('wpNewRealName');
$this->mStatus = $this->setRealName($newRealName);
$template = 'displayuser';
break;
case 'closeaccount':
$template = 'closeaccount';
$this->mStatus = (bool) $this->mUser->getOption('requested-closure', 0);
$this->mStatusMsg = $this->mStatus ? wfMsg('editaccount-requested') : wfMsg('editaccount-not-requested');
break;
case 'closeaccountconfirm':
$this->mStatus = $this->closeAccount();
$template = $this->mStatus ? 'selectuser' : 'displayuser';
break;
case 'clearunsub':
$this->mStatus = $this->clearUnsubscribe();
$template = 'displayuser';
break;
case 'cleardisable':
$this->mStatus = $this->clearDisable();
$template = 'displayuser';
break;
case 'toggleadopter':
$this->mStatus = $this->toggleAdopterStatus();
$template = 'displayuser';
break;
case 'displayuser':
$template = 'displayuser';
break;
default:
$template = 'selectuser';
}
$wgOut->setPageTitle(wfMsg('editaccount-title'));
$oTmpl = new EasyTemplate(dirname(__FILE__) . '/templates/');
$oTmpl->set_Vars(array('status' => $this->mStatus, 'statusMsg' => $this->mStatusMsg, 'statusMsg2' => $this->mStatusMsg2, 'user' => $userName, 'userEmail' => null, 'userRealName' => null, 'userEncoded' => urlencode($userName), 'user_hsc' => htmlspecialchars($userName), 'userId' => null, 'userReg' => null, 'isUnsub' => null, 'isDisabled' => null, 'isAdopter' => null, 'returnURL' => $this->getTitle()->getFullURL(), 'userStatus' => null, 'emailStatus' => null, 'disabled' => null, 'changeEmailRequested' => null));
if (is_object($this->mUser)) {
if ($this->mTempUser) {
$this->mUser = $this->mTempUser->mapTempUserToUser(false);
$userStatus = wfMsg('editaccount-status-tempuser');
$oTmpl->set_Vars(array('disabled' => 'disabled="disabled"'));
} else {
$userStatus = wfMsg('editaccount-status-realuser');
}
$this->mUser->load();
// get new email (unconfirmed)
$optionNewEmail = $this->mUser->getOption('new_email');
$changeEmailRequested = empty($optionNewEmail) ? '' : wfMsg('editaccount-email-change-requested', $optionNewEmail);
// emailStatus is the status of the email in the "Set new email address" field
$emailStatus = $this->mUser->isEmailConfirmed() ? wfMsg('editaccount-status-confirmed') : wfMsg('editaccount-status-unconfirmed');
$oTmpl->set_Vars(array('userEmail' => $this->mUser->getEmail(), 'userRealName' => $this->mUser->getRealName(), 'userId' => $this->mUser->getID(), 'userReg' => date('r', strtotime($this->mUser->getRegistration())), 'isUnsub' => $this->mUser->getOption('unsubscribed'), 'isDisabled' => $this->mUser->getOption('disabled'), 'isAdopter' => $this->mUser->getOption('AllowAdoption', 1), 'userStatus' => $userStatus, 'emailStatus' => $emailStatus, 'changeEmailRequested' => $changeEmailRequested));
}
// HTML output
$wgOut->addHTML($oTmpl->render($template));
}
