/**
* Confirm email page.
* @requestParam string code - on GET, POST
* @requestParam string username - on POST
* @requestParam string password - on POST
* @responseParam string result [ok/error]
* @responseParam string msg - result messages
* @responseParam string errParam - error param
*/
public function index()
{
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
// hide things in the skin
$this->wg->SuppressWikiHeader = false;
$this->wg->SuppressPageHeader = false;
$this->wg->SuppressFooter = true;
$this->wg->SuppressAds = true;
$this->wg->SuppressToolbar = true;
$this->wg->Out->setPageTitle(wfMsg('wikiaconfirmemail-heading'));
$par = $this->request->getVal('par', '');
$this->code = $this->request->getVal('code', $par);
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
if ($this->code == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-empty-code');
return;
}
if ($this->wg->request->wasPosted()) {
if ($this->username == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-noname');
$this->errParam = 'username';
return;
}
if ($this->password == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpasswordempty');
$this->errParam = 'password';
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!is_object($expUser)) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-invalid-code');
return;
}
// User - activate user, confirm email and redirect to user page or create new wiki
$tempUser = TempUser::getTempUserFromName($this->username);
if ($tempUser) {
if ($tempUser->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
$this->errParam = 'username';
return;
}
$userLoginHelper = F::build('UserLoginHelper');
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-login-throttled');
$this->errParam = 'password';
return;
}
$user = $tempUser->mapTempUserToUser(false);
if ($user->checkPassword($this->password)) {
$this->wg->user = $tempUser->activateUser($user);
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
TempUser::clearTempUserSession();
$userLoginHelper->clearPasswordThrottle($this->username);
// redirect user
if ($tempUser->getSource() == '') {
$titleObj = $this->wg->User->getUserPage();
$query = '';
} else {
$titleObj = SpecialPage::getTitleFor('CreateNewWiki');
$query = $tempUser->getSource();
}
$this->wg->out->redirect($titleObj->getFullURL($query));
return;
} else {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
$this->errParam = 'password';
return;
}
}
// User - confirm email and redirect to user page
$user = User::newFromName($this->username);
if (!$user instanceof User || $user->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
$this->errParam = 'username';
return;
}
// set login token
$this->wg->request->setVal('loginToken', UserLoginHelper::getLoginToken());
// login
$response = $this->app->sendRequest('UserLoginSpecial', 'login');
$this->result = $response->getVal('result', '');
$this->msg = $response->getVal('msg', '');
$this->errParam = $response->getVal('errParam', '');
if ($this->result == 'ok') {
$optionNewEmail = $this->wg->User->getOption('new_email');
if (!empty($optionNewEmail)) {
$user->setEmail($optionNewEmail);
}
$user->confirmEmail();
$user->setOption('new_email', null);
$user->saveSettings();
$this->wf->RunHooks('ConfirmEmailComplete', array(&$user));
// redirect user
$userPage = $user->getUserPage();
$this->wg->out->redirect($userPage->getFullURL());
}
}
}
/**
* @brief retrieves valid login token
*/
public function retrieveLoginToken()
{
$this->loginToken = UserLoginHelper::getLoginToken();
}
/**
* change password
* @requestParam string username
* @requestParam string password
* @requestParam string newpassword
* @requestParam string retype
* @requestParam string cancel [true/false] - on POST
* @requestParam string keeploggedin [true/false] - on POST
* @requestParam string returnto - url to return to upon successful login
* @responseParam string result [ok/error]
* @responseParam string msg - result message
*/
public function changePassword()
{
$this->wg->Out->setPageTitle(wfMessage('userlogin-password-page-title')->plain());
$this->response->setVal('pageHeading', wfMessage('resetpass')->escaped());
$this->initializeTemplate();
$username = $this->request->getVal('username', '');
$password = $this->request->getVal('password', '');
$newPassword = $this->request->getVal('newpassword', '');
$retype = $this->request->getVal('retype', '');
$loginToken = $this->request->getVal('loginToken', '');
$returnto = $this->request->getVal('returnto', '');
$this->response->setValues(['username' => $username, 'password' => $password, 'newpassword' => $newPassword, 'retype' => $retype, 'editToken' => $this->wg->User->getEditToken(), 'loginToken' => $loginToken, 'returnto' => $returnto]);
// since we don't support ajax GET, use of this parameter simulates a get request
// in reality, it is being posted
$fakeGet = $this->request->getVal('fakeGet', '');
if ($this->wg->request->wasPosted() && empty($fakeGet)) {
if (!$this->wg->Auth->allowPasswordChange()) {
$this->result = 'error';
$this->msg = wfMessage('resetpass_forbidden')->escaped();
return;
}
if ($this->request->getVal('cancel', false)) {
$this->userLoginHelper->doRedirect();
return;
}
if ($this->wg->User->matchEditToken($this->request->getVal('editToken'))) {
if ($this->wg->User->isAnon() && $loginToken !== UserLoginHelper::getLoginToken()) {
$this->result = 'error';
$this->msg = wfMessage('sessionfailure')->escaped();
return;
}
$user = User::newFromName($username);
if (!$user || $user->isAnon()) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-nosuchuser')->escaped();
return;
}
if ($newPassword !== $retype) {
$this->result = 'error';
$this->msg = wfMessage('badretype')->escaped();
wfRunHooks('PrefsPasswordAudit', [$user, $newPassword, 'badretype']);
return;
}
// from attemptReset() in SpecialResetpass
if (!$user->checkTemporaryPassword($password) && !$user->checkPassword($password)) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-wrongpassword')->escaped();
wfRunHooks('PrefsPasswordAudit', [$user, $newPassword, 'wrongpassword']);
return;
}
$valid = $user->getPasswordValidity($newPassword);
if ($valid !== true) {
$this->result = 'error';
$this->msg = wfMessage($valid, $this->wg->MinimalPasswordLength)->text();
return;
}
$user->setPassword($newPassword);
wfRunHooks('PrefsPasswordAudit', [$user, $newPassword, 'success']);
$user->saveSettings();
$this->result = 'ok';
$this->msg = wfMessage('resetpass_success')->escaped();
$this->wg->request->setVal('password', $newPassword);
$response = $this->app->sendRequest('UserLoginSpecial', 'login');
$result = $response->getVal('result', '');
if ($result === 'closurerequested') {
$response = $this->app->sendRequest('UserLoginSpecial', 'getCloseAccountRedirectUrl');
$redirectUrl = $response->getVal('redirectUrl');
$this->wg->Out->redirect($redirectUrl);
} else {
$this->userLoginHelper->doRedirect();
}
}
}
}
/**
* Confirm email page.
* @requestParam string code - on GET, POST
* @requestParam string username - on POST
* @requestParam string password - on POST
* @responseParam string result [ok/error]
* @responseParam string msg - result messages
* @responseParam string errParam - error param
*/
public function index()
{
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
// hide things in the skin
$this->wg->SuppressWikiHeader = false;
$this->wg->SuppressPageHeader = false;
$this->wg->SuppressFooter = true;
$this->wg->SuppressAds = true;
$this->wg->SuppressToolbar = true;
$this->getOutput()->disallowUserJs();
// just in case...
$this->wg->Out->setPageTitle(wfMessage('wikiaconfirmemail-heading')->plain());
$par = $this->request->getVal('par', '');
$this->code = $this->request->getVal('code', $par);
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
$this->editToken = $this->wg->User->getEditToken();
$this->loginToken = UserLoginHelper::getLoginToken();
$editTokenReq = $this->request->getVal('editToken', '');
$loginTokenReq = $this->request->getVal('loginToken', '');
if ($this->code == '') {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-empty-code')->escaped();
return;
}
if ($this->wg->request->wasPosted() && $this->wg->User->matchEditToken($editTokenReq)) {
if ($this->wg->User->isAnon() && $loginTokenReq !== UserLoginHelper::getLoginToken()) {
$this->result = 'error';
$this->msg = wfMessage('sessionfailure')->escaped();
return;
}
if ($this->username == '') {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-noname')->escaped();
$this->errParam = 'username';
return;
}
if ($this->password == '') {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-wrongpasswordempty')->escaped();
$this->errParam = 'password';
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!$expUser instanceof User) {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-invalid-code')->escaped();
return;
}
// User - activate user, confirm email and redirect to user page or create new wiki
$user = User::newFromName($this->username);
if (!$user instanceof User) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-noname')->escaped();
return;
}
if ($user->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-user-not-match')->parse();
$this->errParam = 'username';
return;
}
$userLoginHelper = new UserLoginHelper();
/* @var UserLoginHelper $userLoginHelper */
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-login-throttled')->escaped();
$this->errParam = 'password';
return;
}
if ($user->checkPassword($this->password)) {
$this->wg->User = $user;
if ($user->getGlobalFlag(UserLoginSpecialController::NOT_CONFIRMED_SIGNUP_OPTION_NAME) != null) {
// Signup confirm
// Log user in manually
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
UserLoginHelper::clearNotConfirmedUserSession();
$userLoginHelper->clearPasswordThrottle($this->username);
// Confirm
UserLoginHelper::removeNotConfirmedFlag($user);
$user->confirmEmail();
// Get and clear redirect page
$userSignupRedirect = $user->getGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME);
$user->setGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME, null);
$user->saveSettings();
$userLoginHelper->addNewUserLogEntry($user);
// send welcome email
$emailParams = array('$USERNAME' => $user->getName(), '$EDITPROFILEURL' => $user->getUserPage()->getFullURL(), '$LEARNBASICURL' => 'http://community.wikia.com/wiki/Help:Wikia_Basics', '$EXPLOREWIKISURL' => 'http://www.wikia.com');
$userLoginHelper->sendEmail($user, 'WelcomeMail', 'usersignup-welcome-email-subject', 'usersignup-welcome-email-body', $emailParams, 'welcome-email', 'WelcomeMail');
// redirect user
if (!empty($userSignupRedirect)) {
// Redirect user to the point where he finished (when signup on create wiki)
$titleObj = SpecialPage::getTitleFor('CreateNewWiki');
$query = $userSignupRedirect;
} else {
$titleObj = $this->wg->User->getUserPage();
$query = '';
}
$this->wg->out->redirect($titleObj->getFullURL($query));
return;
} else {
// Email change
// Log user in through standard method
$response = $this->app->sendRequest('UserLoginSpecial', 'login');
$result = $response->getVal('result', '');
$optionNewEmail = $this->wg->User->getGlobalAttribute('new_email');
if (!empty($optionNewEmail)) {
$user->setEmail($optionNewEmail);
}
$user->confirmEmail();
$user->setGlobalAttribute('new_email', null);
$user->saveSettings();
// redirect user
if ($result === 'closurerequested') {
$response = $this->app->sendRequest('UserLoginSpecial', 'getCloseAccountRedirectUrl');
$redirectUrl = $response->getVal('redirectUrl');
$this->wg->Out->redirect($redirectUrl);
} else {
$userPage = $user->getUserPage();
$this->wg->out->redirect($userPage->getFullURL());
}
wfRunHooks('EmailChangeConfirmed', array($user));
return;
}
} else {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-wrongpassword')->escaped();
$this->errParam = 'password';
return;
}
}
}
/**
* @param array $vars
* @return bool
*/
public static function onMakeGlobalVariablesScript(array &$vars)
{
$app = F::app();
if ($app->checkSkin('wikiamobile')) {
$vars['wgLoginToken'] = UserLoginHelper::getLoginToken();
}
// Max and min password lengths for JS validation
$vars['wgWikiaMaxNameChars'] = $app->wg->WikiaMaxNameChars;
$vars['wgMinimalPasswordLength'] = $app->wg->MinimalPasswordLength;
return true;
}
/**
* Entry point for reactivating an account
*
* Handles confirming the user's reactivation request when they have
* given a valid confirmation code. If no code is given, but they have
* a session ID from having successfully attempted to login to an account
* that has requested closure, this forwards to the reactivateRequest
* method.
*
* @requestParam string code - The confirmation code for reactivating an account
* @requestParam string username - The user name of the account to reactivate
* @requestParam string password - The password for the account to reactivate
* @requestParam string editToken - The edit token for the current user
* @requestParam string loginToken - The login token for the current user
* @responseParam boolean success - Whether or not reactivation was successful
* @responseParam string resultMessage - The result of the form submission
* @responseParam string errParam - The form item an error is related to
* @return void
*/
public function reactivate()
{
wfProfileIn(__METHOD__);
$this->code = $this->getVal('code', false);
if (empty($this->code)) {
if ($this->request->getSessionData('closeAccountSessionId') !== null) {
$this->forward(__CLASS__, 'reactivateRequest');
} else {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-empty-code')->parse();
}
wfProfileOut(__METHOD__);
return;
}
$this->getOutput()->setPageTitle($this->msg('closemyaccount-reactivate-page-title')->plain());
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
$user = $this->getUser();
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
$this->loginToken = UserLoginHelper::getLoginToken();
$this->editToken = $user->getEditToken();
$helper = new CloseMyAccountHelper();
if ($this->request->wasPosted() && $user->matchEditToken($this->request->getVal('editToken'))) {
if ($user->isAnon() && $this->request->getVal('loginToken') !== UserLoginHelper::getLoginToken()) {
$this->success = false;
$this->resultMessage = $this->msg('sessionfailure')->escaped();
wfProfileOut(__METHOD__);
return;
}
if ($this->username === '') {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-noname')->escaped();
$this->errParam = 'username';
wfProfileOut(__METHOD__);
return;
}
if ($this->password === '') {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-wrongpasswordempty')->escaped();
$this->errParam = 'password';
wfProfileOut(__METHOD__);
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!$expUser instanceof User) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-invalid-code', $this->username)->parse();
wfProfileOut(__METHOD__);
return;
}
$user = User::newFromName($this->username);
if ($user->getId() != $expUser->getId()) {
$this->success = false;
$this->resultMessage = $this->msg('wikiaconfirmemail-error-user-not-match')->parse();
$this->errParam = 'username';
wfProfileOut(__METHOD__);
return;
}
$userLoginHelper = new UserLoginHelper();
/* @var UserLoginHelper $userLoginHelper */
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->success = false;
$this->resultMessage = $this - msg('userlogin-error-login-throttled')->escaped();
$this->errParam = 'password';
wfProfileOut(__METHOD__);
return;
}
if ($helper->isClosed($user)) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-disabled')->parse();
wfProfileOut(__METHOD__);
return;
}
if (!$helper->isScheduledForClosure($user)) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-not-scheduled')->escaped();
wfProfileOut(__METHOD__);
return;
}
if ($user->checkPassword($this->password)) {
$this->wg->User = $user;
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
$userLoginHelper->clearPasswordThrottle($this->username);
$helper->reactivateAccount($user);
unset($_SESSION['closeAccountSessionId']);
$userPageTitle = $user->getUserPage();
$this->getOutput()->redirect($userPageTitle->getFullURL());
} else {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-wrongpassword')->escaped();
$this->errParam = 'password';
}
}
wfProfileOut(__METHOD__);
}
