/**
 * Confirm email page.
 *
 * GET renders the form for a confirmation code. POST requires the code plus the
 * account's username and password, then either activates a temp user or confirms
 * the e-mail address of an existing user, and redirects on success.
 *
 * @requestParam string code - on GET, POST
 * @requestParam string username - on POST
 * @requestParam string password - on POST
 * @responseParam string result [ok/error]
 * @responseParam string msg - result messages
 * @responseParam string errParam - error param
 */
public function index() {
    $this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');

    // skin flags: wiki/page header flags are set to false; footer, ads and toolbar flags to true
    $this->wg->SuppressWikiHeader = false;
    $this->wg->SuppressPageHeader = false;
    $this->wg->SuppressFooter = true;
    $this->wg->SuppressAds = true;
    $this->wg->SuppressToolbar = true;
    $this->wg->Out->setPageTitle(wfMsg('wikiaconfirmemail-heading'));

    // the code may arrive as the 'par' value or as an explicit 'code' parameter (the latter wins)
    $par = $this->request->getVal('par', '');
    $this->code = $this->request->getVal('code', $par);
    $this->username = $this->request->getVal('username', '');
    // NOTE(review): the password is read with the same getVal() accessor as the other
    // parameters; if that accessor also returns query-string values, confirm the form
    // always posts the password so it never appears in URLs or access logs.
    $this->password = $this->request->getVal('password', '');

    // nothing to confirm without a code
    if ($this->code == '') {
        $this->result = 'error';
        $this->msg = $this->wf->Msg('wikiaconfirmemail-error-empty-code');
        return;
    }

    // everything below changes account state and runs only for POST requests
    if ($this->wg->request->wasPosted()) {
        if ($this->username == '') {
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-noname');
            $this->errParam = 'username';
            return;
        }
        if ($this->password == '') {
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-wrongpasswordempty');
            $this->errParam = 'password';
            return;
        }

        // resolve the account the confirmation code belongs to
        // NOTE(review): an unknown code and a code/username mismatch return different
        // messages, so a response reveals whether a code is valid before any password
        // check happens — confirm that is acceptable, or that code lookups are rate limited.
        $expUser = User::newFromConfirmationCode($this->code);
        if (!is_object($expUser)) {
            $this->result = 'error';
            $this->msg = $this->wf->Msg('wikiaconfirmemail-error-invalid-code');
            return;
        }

        // User - activate user, confirm email and redirect to user page or create new wiki
        $tempUser = TempUser::getTempUserFromName($this->username);
        if ($tempUser) {
            // the submitted username must be the account the code was issued for
            if ($tempUser->getId() != $expUser->getId()) {
                $this->result = 'error';
                $this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
                $this->errParam = 'username';
                return;
            }

            // NOTE(review): whether isPasswordThrottled() itself counts the attempt is not
            // visible here; confirm failed checkPassword() calls below are counted somewhere.
            $userLoginHelper = F::build('UserLoginHelper');
            if ($userLoginHelper->isPasswordThrottled($this->username)) {
                $this->result = 'error';
                $this->msg = $this->wf->Msg('userlogin-error-login-throttled');
                $this->errParam = 'password';
                return;
            }

            $user = $tempUser->mapTempUserToUser(false);
            if ($user->checkPassword($this->password)) {
                // NOTE(review): assigned through the lower-case 'user' key but read back as
                // 'User' on the next line — confirm the registry treats both as the same global.
                $this->wg->user = $tempUser->activateUser($user);
                $this->wg->User->setCookies();
                LoginForm::clearLoginToken();
                TempUser::clearTempUserSession();
                $userLoginHelper->clearPasswordThrottle($this->username);

                // redirect user: own user page, or CreateNewWiki with the stored source as query string
                // (the source value only becomes the query part of a local special-page URL)
                if ($tempUser->getSource() == '') {
                    $titleObj = $this->wg->User->getUserPage();
                    $query = '';
                } else {
                    $titleObj = SpecialPage::getTitleFor('CreateNewWiki');
                    $query = $tempUser->getSource();
                }
                $this->wg->out->redirect($titleObj->getFullURL($query));
                return;
            } else {
                $this->result = 'error';
                $this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
                $this->errParam = 'password';
                return;
            }
        }

        // User - confirm email and redirect to user page
        $user = User::newFromName($this->username);
        if (!$user instanceof User || $user->getId() != $expUser->getId()) {
            $this->result = 'error';
            $this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
            $this->errParam = 'username';
            return;
        }

        // set login token
        // NOTE(review): the token is injected server-side, so this form does not depend on a
        // client-supplied login token; the confirmation code plus password gate the request.
        $this->wg->request->setVal('loginToken', UserLoginHelper::getLoginToken());

        // login: password verification is delegated to UserLoginSpecial::login
        $response = $this->app->sendRequest('UserLoginSpecial', 'login');
        $this->result = $response->getVal('result', '');
        $this->msg = $response->getVal('msg', '');
        $this->errParam = $response->getVal('errParam', '');

        if ($this->result == 'ok') {
            // a pending address change (option 'new_email') becomes the confirmed address
            $optionNewEmail = $this->wg->User->getOption('new_email');
            if (!empty($optionNewEmail)) {
                $user->setEmail($optionNewEmail);
            }
            $user->confirmEmail();
            $user->setOption('new_email', null);
            $user->saveSettings();
            $this->wf->RunHooks('ConfirmEmailComplete', array(&$user));

            // redirect user
            $userPage = $user->getUserPage();
            $this->wg->out->redirect($userPage->getFullURL());
        }
    }
}
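/**
 * Send confirmation reminder e-mails to the temp users of the current wiki,
 * walking the user-id window in batches of $range ids.
 *
 * The progress output contains user ids and e-mail addresses, so the script's
 * output should be stored and shared like any other log holding personal data.
 *
 * @param integer $fromUserId lower bound of the id window (getScope() is called when empty)
 * @param integer $toUserId upper bound of the id window (getScope() is called when empty)
 * @param integer $range number of ids per batch; must move the window forward
 * @param string $condition raw SQL fragment appended to the temp-user query. It is
 *        concatenated as-is, so it must come from trusted code, never from request input.
 */
function sendReminder($fromUserId, $toUserId, $range, $condition) {
    global $wgCityId, $wgServer;
    wfProfileIn(__METHOD__);

    // the wiki id is concatenated into SQL, so force it to an integer
    $condition .= " and user_wiki_id = " . intval($wgCityId);

    // get scope
    if (empty($fromUserId) || empty($toUserId)) {
        getScope($fromUserId, $toUserId, $condition);
    }

    // update url
    $wgServer = WikiFactory::getVarValueByName('wgServer', $wgCityId);

    $cnt = 0;
    do {
        $to = $toUserId - $fromUserId > $range ? $fromUserId + $range : $toUserId;

        // A zero or negative $range never advances the window: the same batch would be
        // mailed again on every pass. Stop before sending anything for that batch.
        if ($to <= $fromUserId && $fromUserId < $toUserId) {
            echo "WikiId {$wgCityId}: Error: range ({$range}) does not advance the user id window, aborting.\n";
            break;
        }

        echo "WikiId {$wgCityId}: Sending reminder (UserId {$fromUserId} to {$to})...\n";
        $users = getTempUsers($fromUserId, $to, $condition);
        foreach ($users as $username) {
            $tempUser = TempUser::getTempUserFromName($username);
            // the row may have disappeared (e.g. the account was confirmed) since it was listed
            if (!$tempUser) {
                echo "Error: Temp user not found (name=" . $username . ").\n";
                continue;
            }

            // send reminder email
            $user = $tempUser->mapTempUserToUser();
            $userLoginHelper = F::build('UserLoginHelper');
            $result = $userLoginHelper->sendConfirmationReminderEmail($user);
            if (!$result->isGood()) {
                echo "Error: Cannot Send reminder to temp user (id=" . $tempUser->getId() . ", email=" . $tempUser->getEmail() . "): " . $result->getMessage() . "\n";
            } else {
                // persist whatever the helper changed on $user back to the temp-user record
                $tempUser->saveSettingsTempUserToUser($user);
                $cnt++;
                echo "Sent reminder to temp user (id=" . $tempUser->getId() . ", email=" . $tempUser->getEmail() . ").\n";
            }
        }
        $fromUserId = $to;
    } while ($fromUserId < $toUserId);

    echo "WikiId {$wgCityId}: Total {$cnt} confirmation reminder emails sent.\n";
    wfProfileOut(__METHOD__);
}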
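/**
 * Retrieves and shows the gathered info to the user
 *
 * Values that an account holder controls (the looked-up target, the real name,
 * the stored options) are escaped before they are handed to the wikitext parser,
 * so they are displayed literally instead of being interpreted as markup.
 *
 * @param $target Mixed: user whose info we're looking up; treated as an e-mail
 *        address when it contains "@"
 * @param $emailUser String: when several accounts share the e-mail address, the
 *        user name picked from the selection form
 */
function showInfo($target, $emailUser = "") {
    global $wgOut, $wgLang, $wgScript, $wgEnableWallExt, $wgEnableUserLoginExt;
    //Small Stuff Week - adding table from Special:LookupContribs --nAndy
    global $wgExtensionsPath, $wgJsMimeType, $wgResourceBasePath, $wgEnableLookupContribsExt;

    /**
     * look for @ in username
     */
    $count = 0;
    $aUsers = array();
    $userTarget = "";
    if (strpos($target, '@') !== false) {
        /**
         * find username by email
         */
        $dbr = wfGetDB(DB_SLAVE);
        // the condition array lets the database layer quote $target
        $oRes = $dbr->select("user", "user_name", array("user_email" => $target), __METHOD__);
        $loop = 0;
        while ($oRow = $dbr->fetchObject($oRes)) {
            // default to the first account found
            if ($loop === 0) {
                $userTarget = $oRow->user_name;
            }
            // Compare the raw names with strict equality: HTML-escaping the requested name
            // first would never match names containing & or quotes, and a loose comparison
            // treats numeric-looking names ("1e3" / "1000") as equal.
            if (!empty($emailUser) && (string) $emailUser === (string) $oRow->user_name) {
                $userTarget = $oRow->user_name;
            }
            $aUsers[] = $oRow->user_name;
            $loop++;
        }
        $count = $loop;
    }

    $user = User::newFromName(!empty($userTarget) ? $userTarget : $target);
    $tempUser = false;
    if ($user == null || $user->getId() == 0) {
        // Check if a temporary user is at this name
        if (!empty($wgEnableUserLoginExt)) {
            $tempUser = TempUser::getTempUserFromName(!empty($userTarget) ? $userTarget : $target);
        }
        if ($tempUser) {
            $user = $tempUser->mapTempUserToUser(false);
        } else {
            // $target comes straight from the request; escape it before it is parsed as wikitext
            $wgOut->addWikiText('<span class="error">' . wfMsg('lookupuser-nonexistent', wfEscapeWikiText($target)) . '</span>');
            return;
        }
    }

    // several accounts share the address: offer a selector for them
    if ($count > 1) {
        $options = array();
        if (!empty($aUsers) && is_array($aUsers)) {
            foreach ($aUsers as $id => $userName) {
                $options[] = XML::option($userName, $userName, $userName == $userTarget);
            }
        }
        $selectForm = Xml::openElement('select', array('id' => 'email_user', 'name' => "email_user"));
        $selectForm .= "\n" . implode("\n", $options) . "\n";
        $selectForm .= Xml::closeElement('select');
        $selectForm .= "({$count})";
        $wgOut->addHTML(
            Xml::openElement('fieldset') . "\n" .
            Xml::openElement('form', array('method' => 'get', 'action' => $wgScript)) . "\n" .
            Html::hidden('title', $this->getTitle()->getPrefixedText()) . "\n" .
            Html::hidden('target', $target) . "\n" .
            Xml::openElement('table', array('border' => '0')) . "\n" .
            Xml::openElement('tr') . "\n" .
            Xml::openElement('td', array('align' => 'right')) .
            wfMsgHtml('lookupuser-foundmoreusers') .
            Xml::closeElement('td') . "\n" .
            Xml::openElement('td', array('align' => 'left')) . "\n" .
            $selectForm .
            Xml::closeElement('td') . "\n" .
            Xml::openElement('td', array('colspan' => '2', 'align' => 'center')) .
            Xml::submitButton(wfMsgHtml('go')) .
            Xml::closeElement('td') . "\n" .
            Xml::closeElement('tr') . "\n" .
            Xml::closeElement('table') . "\n" .
            Xml::closeElement('form') . "\n" .
            Xml::closeElement('fieldset')
        );
    }

    $authTs = $user->getEmailAuthenticationTimestamp();
    if ($authTs) {
        $authenticated = wfMsg('lookupuser-authenticated', $wgLang->timeanddate($authTs));
    } else {
        $authenticated = wfMsg('lookupuser-not-authenticated');
    }

    // Option names and values are stored per account and can hold arbitrary text;
    // escape them so the parser prints them verbatim.
    $optionsString = '';
    foreach ($user->getOptions() as $optName => $optValue) {
        $optionsString .= wfEscapeWikiText((string) $optName) . ' = ' . wfEscapeWikiText((string) $optValue) . ' <br />';
    }

    $name = $user->getName();
    if ($user->getEmail()) {
        $email = $user->getEmail();
        $email_output = wfMsg('lookupuser-email', $email, $name);
    } else {
        $email_output = wfMsg('lookupuser-no-email');
    }
    if ($user->getRegistration()) {
        $registration = $wgLang->timeanddate($user->getRegistration());
    } else {
        $registration = wfMsg('lookupuser-no-registration');
    }

    // user page link, followed by talk page (or message wall) and contributions links
    $wgOut->addWikiText('*' . wfMsg('username') . ' [[User:' . $name . '|' . $name . ']] (' . $wgLang->pipeList(array('<span id="lu-tools">[[' . (!empty($wgEnableWallExt) ? 'Message Wall:' . $name . '|' . wfMsg('wall-message-wall-shorten') : 'User talk:' . $name . '|' . wfMsg('talkpagelinktext')) . ']]', '[[Special:Contributions/' . $name . '|' . wfMsg('contribslink') . ']]</span>)')));
    $wgOut->addWikiText('*' . wfMsgForContent('lookupuser-toollinks', $name, urlencode($name)));
    $wgOut->addWikiText('*' . wfMsg('lookupuser-id', $user->getId()));
    if (!empty($tempUser)) {
        $userStatus = wfMsg('lookupuser-account-status-tempuser');
    } else {
        $userStatus = wfMsg('lookupuser-account-status-realuser');
    }
    $wgOut->addWikiText('*' . wfMsg('lookupuser-account-status') . $userStatus);
    $wgOut->addWikiText('*' . $email_output);
    // the real name is free text chosen by the account holder
    $wgOut->addWikiText('*' . wfMsg('lookupuser-realname', wfEscapeWikiText((string) $user->getRealName())));
    $wgOut->addWikiText('*' . wfMsg('lookupuser-registration', $registration));
    $wgOut->addWikiText('*' . wfMsg('lookupuser-touched', $wgLang->timeanddate($user->mTouched)));
    $wgOut->addWikiText('*' . wfMsg('lookupuser-info-authenticated', $authenticated));

    //Begin: Small Stuff Week - adding table from Special:LookupContribs --nAndy
    if (!empty($wgEnableLookupContribsExt)) {
        $wgOut->addExtensionStyle("{$wgExtensionsPath}/wikia/LookupContribs/css/table.css");
        $wgOut->addExtensionStyle("{$wgExtensionsPath}/wikia/LookupUser/css/lookupuser.css");
        $wgOut->addScript("<script type=\"{$wgJsMimeType}\" src=\"{$wgResourceBasePath}/resources/wikia/libraries/jquery/datatables/jquery.dataTables.min.js\"></script>\n");

        //checking and setting User::mBlockedGlobally if needed
        //only for this instance of class User
        if (class_exists('UserBlock')) {
            UserBlock::blockCheck($user);
        }

        // NOTE(review): 'username' is passed to the template unescaped and the rendered
        // result goes to addHTML(); confirm the template escapes it for its output context.
        $oTmpl = new EasyTemplate(dirname(__FILE__) . "/templates/");
        $oTmpl->set_vars(array('username' => $name, 'isUsernameGloballyBlocked' => $user->isBlockedGlobally()));
        $wgOut->addHTML($oTmpl->render('contribution.table'));
    } else {
        $wgOut->addWikiText('*' . wfMsg('lookupuser-table-cannot-be-displayed'));
    }
    //End: Small Stuff Week

    $wgOut->addWikiText('*' . wfMsg('lookupuser-useroptions') . '<br />' . $optionsString);
}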
/**
 * @brief logs in a user with given login name and password. if keeploggedin, sets a cookie.
 * @details Copies the request fields onto a LoginForm, lets it authenticate, and maps
 *          each LoginForm result code to result/msg/errParam. Unconfirmed (temp) users
 *          are handled in the NOT_EXISTS branch.
 * @requestParam string username
 * @requestParam string password
 * @requestParam string keeploggedin [true/false]
 * @responseParam string result [ok/error/unconfirm/resetpass]
 * @responseParam string msg - result message
 * @responseParam string errParam - error param
 */
public function login() {
    // Init session if necessary
    if (session_id() == '') {
        $this->wf->SetupSession();
    }

    $loginForm = F::build('LoginForm', array(&$this->wg->request));
    $loginForm->load();

    // MW1.19 uses different form fields names
    // set variables (only fields present and non-empty in the request override what load() set)
    if ($this->wg->request->getText('username', '') != '') {
        $loginForm->mUsername = $this->wg->request->getText('username');
    }
    if ($this->wg->request->getText('password', '') != '') {
        $loginForm->mPassword = $this->wg->request->getText('password');
    }
    if ($this->wg->request->getText('keeploggedin', '') != '') {
        $loginForm->mRemember = $this->wg->request->getCheck('keeploggedin');
    }
    if ($this->wg->request->getVal('loginToken', '') != '') {
        $loginForm->mToken = $this->wg->request->getVal('loginToken');
    }
    // NOTE(review): 'returnto' is taken from the request unmodified; it is not used for a
    // redirect in this method — confirm the consumer restricts it to local titles.
    if ($this->wg->request->getVal('returnto', '') != '') {
        $loginForm->mReturnTo = $this->wg->request->getVal('returnto');
    }

    $loginCase = $loginForm->authenticateUserData();
    switch ($loginCase) {
        case LoginForm::SUCCESS:
            $injected_html = '';
            wfRunHooks('UserLoginComplete', array(&$this->wg->User, &$injected_html));

            // set rememberpassword option
            if ((bool) $loginForm->mRemember != (bool) $this->wg->User->getOption('rememberpassword')) {
                $this->wg->User->setOption('rememberpassword', $loginForm->mRemember ? 1 : 0);
                $this->wg->User->saveSettings();
            } else {
                $this->wg->User->invalidateCache();
            }

            // issue session cookies, then drop the one-time login token, any temp-user
            // session and the failed-attempt counter for this name
            $this->wg->User->setCookies();
            LoginForm::clearLoginToken();
            TempUser::clearTempUserSession();
            $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
            $this->result = 'ok';
            break;
        case LoginForm::NEED_TOKEN:
        case LoginForm::WRONG_TOKEN:
            // missing or mismatching login token
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-sessionfailure');
            break;
        case LoginForm::NO_NAME:
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-noname');
            $this->errParam = 'username';
            break;
        case LoginForm::ILLEGAL:
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-nosuchuser');
            $this->errParam = 'username';
            break;
        case LoginForm::NOT_EXISTS:
            // no regular account with this name: it may still be an unconfirmed temp user
            // NOTE(review): "no such user" and "wrong password" are distinct responses, so
            // the endpoint tells a caller whether a name is registered; if that is
            // intentional, rate limiting is the control that has to hold.
            $tempUser = F::build('TempUser', array($loginForm->mUsername), 'getTempUserFromName');
            if ($tempUser) {
                if ($this->userLoginHelper->isPasswordThrottled($loginForm->mUsername)) {
                    $this->result = 'error';
                    $this->msg = $this->wf->Msg('userlogin-error-login-throttled');
                } else {
                    $user = $tempUser->mapTempUserToUser(false);
                    if ($user->checkPassword($loginForm->mPassword)) {
                        // correct password, but the account is unconfirmed: only a temp-user
                        // session is started, no login cookies are set in this branch
                        LoginForm::clearLoginToken();
                        $tempUser->setTempUserSession();
                        $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);

                        // set lang for unconfirmed user
                        $langCode = $user->getOption('language');
                        if ($this->wg->User->getOption('language') != $langCode) {
                            $this->wg->User->setOption('language', $langCode);
                        }

                        $this->result = 'unconfirm';
                        $this->msg = $this->wf->MsgExt('usersignup-confirmation-email-sent', array('parseinline'), $tempUser->getEmail());
                    } else {
                        if ($user->checkTemporaryPassword($loginForm->mPassword)) {
                            $this->result = 'resetpass';
                        } else {
                            $this->result = 'error';
                            $this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
                            $this->errParam = 'password';
                        }
                    }
                }
            } else {
                $this->result = 'error';
                $this->msg = $this->wf->Msg('userlogin-error-nosuchuser');
                $this->errParam = 'username';
            }
            break;
        case LoginForm::WRONG_PLUGIN_PASS:
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
            $this->errParam = 'password';
            break;
        case LoginForm::WRONG_PASS:
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
            $this->errParam = 'password';

            // NOTE(review): only null is excluded here; if the 'newFromName' factory can
            // return another non-object value, getOption() below would fail — confirm.
            $attemptedUser = F::build('User', array($loginForm->mUsername), 'newFromName');
            if (!is_null($attemptedUser)) {
                $disOpt = $attemptedUser->getOption('disabled');
                if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                    # either the 'disabled' option or the closed-account flag was present, override fail message
                    # NOTE(review): this discloses the closed state to anyone who submits the
                    # name with any password; confirm that disclosure is intended.
                    $this->msg = $this->wf->Msg('userlogin-error-edit-account-closed-flag');
                    $this->errParam = '';
                }
            }
            break;
        case LoginForm::EMPTY_PASS:
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-wrongpasswordempty');
            $this->errParam = 'password';
            break;
        case LoginForm::RESET_PASS:
            $this->result = 'resetpass';
            break;
        case LoginForm::THROTTLED:
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-login-throttled');
            break;
        case LoginForm::CREATE_BLOCKED:
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-cantcreateaccount-text');
            break;
        case LoginForm::USER_BLOCKED:
            $this->result = 'error';
            $this->msg = $this->wf->Msg('userlogin-error-login-userblocked');
            break;
        default:
            // fail closed on result codes this method does not know
            throw new MWException("Unhandled case value");
    }
}
/**
 * Initialise a newly created account, by default as an unconfirmed temp user.
 *
 * With $createTempUser === false the parent implementation is used unchanged.
 * Otherwise a TempUser record is created from $u, the account is added to the
 * database (or to the external auth backend), its options and password are set,
 * the temp-user record is stored and a temp-user session is started.
 *
 * @param $u User: the account being created
 * @param $autocreate passed through to the parent / $wgAuth->initUser()
 * @param $createTempUser Boolean: false skips the temp-user handling
 * @return the initialised user object
 */
public function initUser($u, $autocreate, $createTempUser = true) {
    global $wgAuth, $wgExternalAuthType;

    // for FBconnect we don't want to create temp users
    if ($createTempUser === false) {
        return parent::initUser($u, $autocreate);
    }

    // add TempUser, update User object, set TempUser session
    $tempUser = TempUser::createNewFromUser($u, $this->mReturnTo);

    if ($wgExternalAuthType) {
        // NOTE(review): the is_object() test implies addUser() can return a non-object;
        // in that case the unconditional $u->setToken() below would fail — confirm.
        $u = ExternalUser::addUser($u, "", "", "");
        if (is_object($u)) {
            $this->mExtUser = ExternalUser::newFromName($this->mUsername);
        }
    } else {
        $u->addToDatabase();
    }

    $u->setToken();
    $wgAuth->initUser($u, $autocreate);

    if (is_object($this->mExtUser)) {
        $this->mExtUser->linkToLocal($u->getId());
    }

    // preferences chosen on the signup form
    $u->setOption('rememberpassword', $this->mRemember ? 1 : 0);
    $u->setOption('marketingallowed', $this->mMarketingOptIn ? 1 : 0);
    if ($this->mLanguage) {
        $u->setOption('language', $this->mLanguage);
    }
    $u->setOption('skinoverwrite', 1);

    // The temp-user record receives $u->mPassword as it stands after setPassword(),
    // not the submitted $this->mPassword.
    // NOTE(review): presumably mPassword holds the stored hash at that point — confirm,
    // so the temp-user table never keeps the plain-text password.
    $u->setPassword($this->mPassword);
    $tempUser->setPassword($u->mPassword);
    $tempUser->setId($u->getId());
    $tempUser->addToDatabase();

    wfRunHooks('AddNewAccountTempUser', array($u, false));

    $tempUser->saveSettingsTempUserToUser($u);
    $tempUser->setTempUserSession();

    return $u;
}
/**
 * Show the special page
 *
 * Requires the 'editaccount' right, a writable database and an unblocked caller.
 * Resolves the account named by 'wpUserName' (or the subpage), runs the action
 * named by 'wpAction' against it and renders the matching template.
 *
 * @param $par Mixed: parameter passed to the page or null
 */
public function execute($par) {
    global $wgOut, $wgUser, $wgRequest, $wgEnableUserLoginExt;

    // Set page title and other stuff
    $this->setHeaders();

    # If the user isn't permitted to access this special page, display an error
    if (!$wgUser->isAllowed('editaccount')) {
        throw new PermissionsError('editaccount');
    }

    # Show a message if the database is in read-only mode
    if (wfReadOnly()) {
        $wgOut->readOnlyPage();
        return;
    }

    # If user is blocked, s/he doesn't need to access this page
    if ($wgUser->isBlocked()) {
        throw new UserBlockedError($this->getUser()->mBlock);
    }

    // NOTE(review): the action is read with getVal() and no wasPosted() or edit-token
    // check is visible in this method before the state-changing cases below (set e-mail,
    // set password, close account). Confirm the called helpers enforce one; otherwise a
    // crafted link opened by a privileged user could trigger these actions.
    $action = $wgRequest->getVal('wpAction');
    #get name to work on. subpage is supported, but form submit name trumps
    $userName = $wgRequest->getVal('wpUserName', $par);

    if ($userName !== null) {
        #got a name, clean it up
        $userName = str_replace("_", " ", trim($userName));
        $userName = ucfirst($userName); # user names begin with a capital letter

        // check if user name is an existing user
        if (User::isValidUserName($userName)) {
            $this->mUser = User::newFromName($userName);
            $id = $this->mUser->idFromName($userName);

            if (empty($action)) {
                $action = 'displayuser';
            }

            if (empty($id)) {
                // no regular account: fall back to an unconfirmed temp user, if the extension is on
                if (!empty($wgEnableUserLoginExt)) {
                    $this->mTempUser = TempUser::getTempUserFromName($userName);
                }

                if ($this->mTempUser) {
                    $id = $this->mTempUser->getId();
                    $this->mUser = User::newFromId($id);
                } else {
                    $this->mStatus = false;
                    // NOTE(review): the requested name is embedded in the status message, which
                    // is later handed to the template; confirm the template escapes statusMsg.
                    $this->mStatusMsg = wfMsg('editaccount-nouser', $userName);
                    $action = '';
                }
            }
        }
    }

    // FB:23860
    // without a User object no action may run; fall through to the user selector
    if (!$this->mUser instanceof User) {
        $action = '';
    }

    switch ($action) {
        case 'setemail':
            $newEmail = $wgRequest->getVal('wpNewEmail');
            $this->mStatus = $this->setEmail($newEmail);
            $template = 'displayuser';
            break;
        case 'setpass':
            // NOTE(review): if getVal() also returns query-string values, the new password
            // could arrive in a URL and end up in logs — confirm the form posts it.
            $newPass = $wgRequest->getVal('wpNewPass');
            $this->mStatus = $this->setPassword($newPass);
            $template = 'displayuser';
            break;
        case 'setrealname':
            $newRealName = $wgRequest->getVal('wpNewRealName');
            $this->mStatus = $this->setRealName($newRealName);
            $template = 'displayuser';
            break;
        case 'closeaccount':
            // confirmation step: only shows whether the user requested closure
            $template = 'closeaccount';
            $this->mStatus = (bool) $this->mUser->getOption('requested-closure', 0);
            $this->mStatusMsg = $this->mStatus ? wfMsg('editaccount-requested') : wfMsg('editaccount-not-requested');
            break;
        case 'closeaccountconfirm':
            $this->mStatus = $this->closeAccount();
            $template = $this->mStatus ? 'selectuser' : 'displayuser';
            break;
        case 'clearunsub':
            $this->mStatus = $this->clearUnsubscribe();
            $template = 'displayuser';
            break;
        case 'cleardisable':
            $this->mStatus = $this->clearDisable();
            $template = 'displayuser';
            break;
        case 'toggleadopter':
            $this->mStatus = $this->toggleAdopterStatus();
            $template = 'displayuser';
            break;
        case 'displayuser':
            $template = 'displayuser';
            break;
        default:
            $template = 'selectuser';
    }

    $wgOut->setPageTitle(wfMsg('editaccount-title'));

    // defaults for every template variable; account details are filled in below
    // 'user' is the raw name, 'userEncoded' is URL-encoded, 'user_hsc' is HTML-escaped:
    // the template has to pick the variant matching the output context
    $oTmpl = new EasyTemplate(dirname(__FILE__) . '/templates/');
    $oTmpl->set_Vars(array('status' => $this->mStatus, 'statusMsg' => $this->mStatusMsg, 'statusMsg2' => $this->mStatusMsg2, 'user' => $userName, 'userEmail' => null, 'userRealName' => null, 'userEncoded' => urlencode($userName), 'user_hsc' => htmlspecialchars($userName), 'userId' => null, 'userReg' => null, 'isUnsub' => null, 'isDisabled' => null, 'isAdopter' => null, 'returnURL' => $this->getTitle()->getFullURL(), 'userStatus' => null, 'emailStatus' => null, 'disabled' => null, 'changeEmailRequested' => null));

    if (is_object($this->mUser)) {
        if ($this->mTempUser) {
            // temp users are shown through a mapped User object; the template receives a
            // 'disabled' attribute string for them
            $this->mUser = $this->mTempUser->mapTempUserToUser(false);
            $userStatus = wfMsg('editaccount-status-tempuser');
            $oTmpl->set_Vars(array('disabled' => 'disabled="disabled"'));
        } else {
            $userStatus = wfMsg('editaccount-status-realuser');
        }
        $this->mUser->load();

        // get new email (unconfirmed)
        $optionNewEmail = $this->mUser->getOption('new_email');
        $changeEmailRequested = empty($optionNewEmail) ? '' : wfMsg('editaccount-email-change-requested', $optionNewEmail);

        // emailStatus is the status of the email in the "Set new email address" field
        $emailStatus = $this->mUser->isEmailConfirmed() ? wfMsg('editaccount-status-confirmed') : wfMsg('editaccount-status-unconfirmed');

        // NOTE(review): e-mail, real name and the pending new e-mail are user-supplied and
        // passed through unescaped; confirm the templates escape them on output.
        $oTmpl->set_Vars(array('userEmail' => $this->mUser->getEmail(), 'userRealName' => $this->mUser->getRealName(), 'userId' => $this->mUser->getID(), 'userReg' => date('r', strtotime($this->mUser->getRegistration())), 'isUnsub' => $this->mUser->getOption('unsubscribed'), 'isDisabled' => $this->mUser->getOption('disabled'), 'isAdopter' => $this->mUser->getOption('AllowAdoption', 1), 'userStatus' => $userStatus, 'emailStatus' => $emailStatus, 'changeEmailRequested' => $changeEmailRequested));
    }

    // HTML output
    $wgOut->addHTML($oTmpl->render($template));
}