/**
* Send confirmation reminder emails for users that signed up on current wiki 7 days ago
*/
function sendReminder()
{
global $wgCityId, $wgServer;
wfProfileIn(__METHOD__);
// update url
$wgServer = WikiFactory::getVarValueByName('wgServer', $wgCityId);
$users = getRecipientsForCurrentWiki();
$cnt = 0;
$userLoginHelper = new UserLoginHelper();
foreach ($users as $user) {
// send reminder email
$result = $userLoginHelper->sendConfirmationReminderEmail($user);
if (!$result->isGood()) {
echo "Error: Cannot send reminder to user (id=" . $user->getId() . ", email=" . $user->getEmail() . "): " . $result->getMessage() . "\n";
} else {
$cnt++;
echo "Sent reminder to user (id=" . $user->getId() . ", email=" . $user->getEmail() . ").\n";
}
}
echo "WikiId {$wgCityId}: " . sizeof($users) . " of total {$cnt} confirmation reminder emails sent.\n";
wfProfileOut(__METHOD__);
}
/**
* @brief serves standalone signup page on GET. if POSTed, parameters will be required.
* @details
* on GET, template will render
* on POST,
* if signup is successful, it will redirect to returnto, or mainpage of wiki
* if signup is not successful, the template will render error messages, highlighting the errors
* @requestParam string username - on POST
* @requestParam string email - on POST
* @requestParam string password - on POST
* @requestParam string birthmonth - on POST
* @requestParam string birthday - on POST
* @requestParam string birthyear - on POST
* @requestParam string captcha - on POST
* @requestParam string returnto - url to return to upon successful login
* @requestParam string signupToken
* @requestParam string uselang
* @responseParam string result [ok/error]
* @responseParam string msg - result message
* @responseParam string errParam - error param
*/
public function index()
{
$this->wg->Out->setPageTitle($this->wf->Msg('usersignup-page-title'));
$this->response->addAsset('extensions/wikia/UserLogin/css/UserSignup.scss');
if (F::app()->checkSkin('oasis')) {
$this->response->addAsset('extensions/wikia/UserLogin/js/UserSignup.js');
}
if (!empty($this->wg->EnableFacebookConnectExt)) {
$this->response->addAsset('extensions/wikia/UserLogin/js/UserLoginFacebookPageInit.js');
}
// hide things in the skin
$this->wg->SuppressWikiHeader = true;
$this->wg->SuppressPageHeader = true;
$this->wg->SuppressFooter = true;
$this->wg->SuppressAds = true;
$this->wg->SuppressToolbar = true;
// form params
$this->username = $this->request->getVal('username', '');
$this->email = $this->request->getVal('email', '');
$this->password = $this->request->getVal('password', '');
$this->birthmonth = $this->request->getVal('birthmonth', '');
$this->birthday = $this->request->getVal('birthday', '');
$this->birthyear = $this->request->getVal('birthyear', '');
$this->returnto = $this->request->getVal('returnto', '');
$this->byemail = $this->request->getBool('byemail', false);
$this->signupToken = UserLoginHelper::getSignupToken();
$this->uselang = $this->request->getVal('uselang', 'en');
//fb#38260 -- removed uselang
$this->avatars = $this->userLoginHelper->getRandomAvatars();
$this->popularWikis = $this->userLoginHelper->getRandomWikis();
// template params
$this->pageHeading = wfMsg('usersignup-heading');
$this->createAccountButtonLabel = wfMsg('createaccount');
if ($this->byemail) {
$this->pageHeading = wfMsg('usersignup-heading-byemail');
$this->createAccountButtonLabel = wfMsg('usersignup-createaccount-byemail');
}
// process signup
$redirected = $this->request->getVal('redirected', '');
if ($this->wg->Request->wasPosted() && empty($redirected)) {
$response = $this->app->sendRequest('UserSignupSpecial', 'signup');
$this->result = $response->getVal('result', '');
$this->msg = $response->getVal('msg', '');
$this->errParam = $response->getVal('errParam', '');
if ($this->result == 'ok') {
$params = array('method' => 'sendConfirmationEmail', 'username' => $this->username, 'byemail' => intval($this->byemail));
$redirectUrl = $this->wg->title->getFullUrl($params);
$this->wg->out->redirect($redirectUrl);
}
}
}
/**
* Displays Facebook sign up modal (called by index method)
*/
public function modal()
{
// get an email from Facebook API
$resp = $this->sendRequest('FacebookSignup', 'getFacebookData', array('fbUserId' => $this->getFacebookUserId()));
// BugId:24400
$data = $resp->getData();
if (empty($data)) {
$this->skipRendering();
return false;
}
$this->fbEmail = $resp->getVal('contact_email', false);
$email = $resp->getVal('email', false);
// check for proxy email
if ($this->fbEmail != $email) {
$this->fbEmail = $this->wf->Msg('usersignup-facebook-proxy-email');
}
$this->loginToken = UserLoginHelper::getSignupToken();
$this->specialUserLoginUrl = F::build('SpecialPage', array('UserLogin'), 'getTitleFor')->getLocalUrl();
// FB feed option checkboxes
$this->fbFeedOptions = F::build('FBConnectPushEvent', array(), 'getPreferencesToggles');
}
/**
* change user's email and send reconfirmation email
* @requestParam string username
* @requestParam string email
* @responseParam string result [ok/error/invalidsession/confirmed]
* @responseParam string msg - result messages
* @responseParam string errParam - error param
*/
public function changeUnconfirmedUserEmail()
{
// get new email from request
$email = $this->request->getVal('email', '');
$username = $this->request->getVal('username');
if (!($this->isValidEmailFieldValue($email) && $this->isValidUsernameField($username))) {
return;
}
$user = User::newFromName($username);
if (!($this->isValidUser($user) && $this->isValidSession($user))) {
return;
}
// check email changes limit
$memKey = wfSharedMemcKey('wikialogin', 'email_changes', $user->getId());
// CONN-471: Respect the registration per email limit
if (!($this->isWithinEmailChangesLimit($memKey) && $this->isWithinRegistrationPerEmailLimit($email))) {
return;
}
// increase counter for email changes
$this->userLoginHelper->incrMemc($memKey);
$this->setResponseFields('ok', wfMessage('usersignup-reconfirmation-email-sent', $email)->escaped());
if ($email != $user->getEmail()) {
$user->setEmail($email);
// CONN-471: Call AbortNewAccount to validate username/password with Phalanx
if ($this->isBlockedByPhalanx($user)) {
return;
}
// send reconfirmation email
$result = $user->sendReConfirmationMail();
$user->saveSettings();
// set counter to 1 for confirmation emails sent
$memKey = $this->userLoginHelper->getMemKeyConfirmationEmailsSent($user->getId());
$this->wg->Memc->set($memKey, 1, 24 * 60 * 60);
if (!$result->isGood()) {
$this->setResponseFields('error', wfMessage('userlogin-error-mail-error', $result->getMessage())->parse());
}
}
}
/**
* Displays Facebook sign up modal (called by index method)
*/
public function modal()
{
$fbUserId = $this->getFacebookUserId();
if (empty($fbUserId)) {
$this->skipRendering();
return;
}
// get an email from Facebook API
$userInfo = \FacebookClient::getInstance()->getUserInfo($fbUserId);
// BugId:24400
if (!$userInfo) {
$this->skipRendering();
return;
}
$returnToUrl = $this->userLoginHelper->getRedirectUrl('fbconnected=1');
$returnTo = $this->wg->request->getVal('returnto');
$returnToQuery = $this->wg->request->getVal('returntoquery');
$returnToParams = 'returnto=' . $returnTo;
if ($returnToQuery) {
$returnToParams .= '&returntoquery=' . htmlspecialchars($returnToQuery);
}
$this->response->setData(['fbEmail' => $userInfo->getProperty('email'), 'returnToUrl' => $returnToUrl, 'queryString' => $returnToParams, 'loginToken' => UserLoginHelper::getSignupToken()]);
}
/**
* change password
* @requestParam string username
* @requestParam string password
* @requestParam string newpassword
* @requestParam string retype
* @requestParam string cancel [true/false] - on POST
* @requestParam string keeploggedin [true/false] - on POST
* @requestParam string returnto - url to return to upon successful login
* @responseParam string result [ok/error]
* @responseParam string msg - result message
*/
public function changePassword()
{
$this->wg->Out->setPageTitle(wfMessage('userlogin-password-page-title')->plain());
$this->response->setVal('pageHeading', wfMessage('resetpass')->escaped());
$this->initializeTemplate();
$username = $this->request->getVal('username', '');
$password = $this->request->getVal('password', '');
$newPassword = $this->request->getVal('newpassword', '');
$retype = $this->request->getVal('retype', '');
$loginToken = $this->request->getVal('loginToken', '');
$returnto = $this->request->getVal('returnto', '');
$this->response->setValues(['username' => $username, 'password' => $password, 'newpassword' => $newPassword, 'retype' => $retype, 'editToken' => $this->wg->User->getEditToken(), 'loginToken' => $loginToken, 'returnto' => $returnto]);
// since we don't support ajax GET, use of this parameter simulates a get request
// in reality, it is being posted
$fakeGet = $this->request->getVal('fakeGet', '');
if ($this->wg->request->wasPosted() && empty($fakeGet)) {
if (!$this->wg->Auth->allowPasswordChange()) {
$this->result = 'error';
$this->msg = wfMessage('resetpass_forbidden')->escaped();
return;
}
if ($this->request->getVal('cancel', false)) {
$this->userLoginHelper->doRedirect();
return;
}
if ($this->wg->User->matchEditToken($this->request->getVal('editToken'))) {
if ($this->wg->User->isAnon() && $loginToken !== UserLoginHelper::getLoginToken()) {
$this->result = 'error';
$this->msg = wfMessage('sessionfailure')->escaped();
return;
}
$user = User::newFromName($username);
if (!$user || $user->isAnon()) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-nosuchuser')->escaped();
return;
}
if ($newPassword !== $retype) {
$this->result = 'error';
$this->msg = wfMessage('badretype')->escaped();
wfRunHooks('PrefsPasswordAudit', [$user, $newPassword, 'badretype']);
return;
}
// from attemptReset() in SpecialResetpass
if (!$user->checkTemporaryPassword($password) && !$user->checkPassword($password)) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-wrongpassword')->escaped();
wfRunHooks('PrefsPasswordAudit', [$user, $newPassword, 'wrongpassword']);
return;
}
$valid = $user->getPasswordValidity($newPassword);
if ($valid !== true) {
$this->result = 'error';
$this->msg = wfMessage($valid, $this->wg->MinimalPasswordLength)->text();
return;
}
$user->setPassword($newPassword);
wfRunHooks('PrefsPasswordAudit', [$user, $newPassword, 'success']);
$user->saveSettings();
$this->result = 'ok';
$this->msg = wfMessage('resetpass_success')->escaped();
$this->wg->request->setVal('password', $newPassword);
$response = $this->app->sendRequest('UserLoginSpecial', 'login');
$result = $response->getVal('result', '');
if ($result === 'closurerequested') {
$response = $this->app->sendRequest('UserLoginSpecial', 'getCloseAccountRedirectUrl');
$redirectUrl = $response->getVal('redirectUrl');
$this->wg->Out->redirect($redirectUrl);
} else {
$this->userLoginHelper->doRedirect();
}
}
}
}
/**
* Confirm email page.
* @requestParam string code - on GET, POST
* @requestParam string username - on POST
* @requestParam string password - on POST
* @responseParam string result [ok/error]
* @responseParam string msg - result messages
* @responseParam string errParam - error param
*/
public function index()
{
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
// hide things in the skin
$this->wg->SuppressWikiHeader = false;
$this->wg->SuppressPageHeader = false;
$this->wg->SuppressFooter = true;
$this->wg->SuppressAds = true;
$this->wg->SuppressToolbar = true;
$this->getOutput()->disallowUserJs();
// just in case...
$this->wg->Out->setPageTitle(wfMessage('wikiaconfirmemail-heading')->plain());
$par = $this->request->getVal('par', '');
$this->code = $this->request->getVal('code', $par);
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
$this->editToken = $this->wg->User->getEditToken();
$this->loginToken = UserLoginHelper::getLoginToken();
$editTokenReq = $this->request->getVal('editToken', '');
$loginTokenReq = $this->request->getVal('loginToken', '');
if ($this->code == '') {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-empty-code')->escaped();
return;
}
if ($this->wg->request->wasPosted() && $this->wg->User->matchEditToken($editTokenReq)) {
if ($this->wg->User->isAnon() && $loginTokenReq !== UserLoginHelper::getLoginToken()) {
$this->result = 'error';
$this->msg = wfMessage('sessionfailure')->escaped();
return;
}
if ($this->username == '') {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-noname')->escaped();
$this->errParam = 'username';
return;
}
if ($this->password == '') {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-wrongpasswordempty')->escaped();
$this->errParam = 'password';
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!$expUser instanceof User) {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-invalid-code')->escaped();
return;
}
// User - activate user, confirm email and redirect to user page or create new wiki
$user = User::newFromName($this->username);
if (!$user instanceof User) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-noname')->escaped();
return;
}
if ($user->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = wfMessage('wikiaconfirmemail-error-user-not-match')->parse();
$this->errParam = 'username';
return;
}
$userLoginHelper = new UserLoginHelper();
/* @var UserLoginHelper $userLoginHelper */
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-login-throttled')->escaped();
$this->errParam = 'password';
return;
}
if ($user->checkPassword($this->password)) {
$this->wg->User = $user;
if ($user->getGlobalFlag(UserLoginSpecialController::NOT_CONFIRMED_SIGNUP_OPTION_NAME) != null) {
// Signup confirm
// Log user in manually
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
UserLoginHelper::clearNotConfirmedUserSession();
$userLoginHelper->clearPasswordThrottle($this->username);
// Confirm
UserLoginHelper::removeNotConfirmedFlag($user);
$user->confirmEmail();
// Get and clear redirect page
$userSignupRedirect = $user->getGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME);
$user->setGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME, null);
$user->saveSettings();
$userLoginHelper->addNewUserLogEntry($user);
// send welcome email
$emailParams = array('$USERNAME' => $user->getName(), '$EDITPROFILEURL' => $user->getUserPage()->getFullURL(), '$LEARNBASICURL' => 'http://community.wikia.com/wiki/Help:Wikia_Basics', '$EXPLOREWIKISURL' => 'http://www.wikia.com');
$userLoginHelper->sendEmail($user, 'WelcomeMail', 'usersignup-welcome-email-subject', 'usersignup-welcome-email-body', $emailParams, 'welcome-email', 'WelcomeMail');
// redirect user
if (!empty($userSignupRedirect)) {
// Redirect user to the point where he finished (when signup on create wiki)
$titleObj = SpecialPage::getTitleFor('CreateNewWiki');
$query = $userSignupRedirect;
} else {
$titleObj = $this->wg->User->getUserPage();
$query = '';
}
$this->wg->out->redirect($titleObj->getFullURL($query));
return;
} else {
// Email change
// Log user in through standard method
$response = $this->app->sendRequest('UserLoginSpecial', 'login');
$result = $response->getVal('result', '');
$optionNewEmail = $this->wg->User->getGlobalAttribute('new_email');
if (!empty($optionNewEmail)) {
$user->setEmail($optionNewEmail);
}
$user->confirmEmail();
$user->setGlobalAttribute('new_email', null);
$user->saveSettings();
// redirect user
if ($result === 'closurerequested') {
$response = $this->app->sendRequest('UserLoginSpecial', 'getCloseAccountRedirectUrl');
$redirectUrl = $response->getVal('redirectUrl');
$this->wg->Out->redirect($redirectUrl);
} else {
$userPage = $user->getUserPage();
$this->wg->out->redirect($userPage->getFullURL());
}
wfRunHooks('EmailChangeConfirmed', array($user));
return;
}
} else {
$this->result = 'error';
$this->msg = wfMessage('userlogin-error-wrongpassword')->escaped();
$this->errParam = 'password';
return;
}
}
}
/**
* Keeps count of registered accounts with same email
*
* @param User $user
* @static
* @return bool
*/
public static function onConfirmEmailComplete(User $user)
{
global $wgAccountsPerEmail, $wgMemc;
$sEmail = $user->getEmail();
if (isset($wgAccountsPerEmail) && is_numeric($wgAccountsPerEmail) && !UserLoginHelper::isWikiaEmail($sEmail)) {
$key = wfSharedMemcKey("UserLogin", "AccountsPerEmail", $sEmail);
$iCount = $wgMemc->get($key);
if ($iCount === false) {
$iCount = self::getUsersPerEmailFromDB($sEmail);
if ($iCount > 0) {
$wgMemc->set($key, $iCount);
}
} else {
$wgMemc->incr($key);
}
}
return true;
}
/**
* UserLogin: send a confirmation email a new account has been created
*/
public function sendConfirmationEmail()
{
$this->response->setFormat('json');
$this->response->setCacheValidity(\WikiaResponse::CACHE_DISABLED);
$this->response->setVal('success', false);
if ($this->getVal('secret') != $this->wg->TheSchwartzSecretToken) {
$this->response->setVal('message', 'invalid secret');
return;
}
if (!$this->wg->EmailAuthentication) {
$this->response->setVal('message', 'email authentication is not required');
return;
}
$username = $this->getVal('username');
wfWaitForSlaves($this->wg->ExternalSharedDB);
$user = \User::newFromName($username);
if (!$user instanceof \User) {
$this->response->setVal('message', 'unable to create a \\User object from name');
return;
}
if (!$user->getId()) {
$this->response->setVal('message', 'no such user');
return;
}
if ($user->isEmailConfirmed()) {
$this->response->setVal('message', 'already confirmed');
return;
}
$userLoginHelper = new \UserLoginHelper();
$memcKey = $userLoginHelper->getMemKeyConfirmationEmailsSent($user->getId());
$emailsSent = intval($this->wg->Memc->get($memcKey));
if ($user->isEmailConfirmationPending() && strtotime($user->mEmailTokenExpires) - strtotime('+6 days') > 0 && $emailsSent >= \UserLoginHelper::LIMIT_EMAILS_SENT) {
$this->response->setVal('message', 'confirmation emails limit reached');
return;
}
if (!\Sanitizer::validateEmail($user->getEmail())) {
$this->response->setVal('message', 'invalid email');
return;
}
$langCode = $this->getVal('langCode', 'en');
$mailTemplate = $this->app->renderView('UserLogin', 'GeneralMail', ['language' => $langCode, 'type' => 'confirmation-email']);
$lang = \Language::factory($langCode);
$mailStatus = (new GlobalStateWrapper(['wgLang' => $lang]))->wrap(function () use($user, $mailTemplate, $langCode) {
return $user->sendConfirmationMail(false, 'ConfirmationMail', 'usersignup-confirmation-email', true, $mailTemplate, $langCode);
});
if (!$mailStatus->isGood()) {
$this->response->setVal('message', 'could not send an email message');
return;
}
$this->response->setVal('success', true);
}
echo wfWikiID() . ": Creating User:{$username}...";
# Validate username and check it doesn't exist
$user = User::newFromName($username);
if (!is_object($user)) {
echo "invalid username.\n";
die(1);
} elseif (0 != $user->idForName()) {
echo "account exists.\n";
die(1);
}
# Insert the account into the database
$user->addToDatabase();
$user->setEmail($email);
$user->setPassword($password);
$user->confirmEmail();
UserLoginHelper::removeNotConfirmedFlag($user);
// this calls saveSettings();
if (!ExternalUser_Wikia::addUser($user, $password, $email, $username)) {
echo "error creating external user\n";
die(1);
}
# Increment site_stats.ss_users
$ssu = new SiteStatsUpdate(0, 0, 0, 0, 1);
$ssu->doUpdate();
echo "done.\n";
function showHelp()
{
echo <<<EOT
Create a new user account
USAGE: php createUser.php [--help] <username> <password> <email>
/**
* Set a user's email
* @param $email Mixed: email address to set to the user
* @param $changeReason String: reason for change
* @return Boolean: true on success, false on failure (i.e. if we were given an invalid email address)
*/
function setEmail($email, $changeReason = '')
{
$oldEmail = $this->mUser->getEmail();
if (Sanitizer::validateEmail($email) || $email == '') {
$this->mUser->setEmail($email);
if ($email != '') {
UserLoginHelper::removeNotConfirmedFlag($this->mUser);
$this->mUser->confirmEmail();
$this->mUser->setGlobalAttribute('new_email', null);
} else {
if ($this->mUser->getGlobalFlag(UserLoginSpecialController::NOT_CONFIRMED_SIGNUP_OPTION_NAME)) {
// User not confirmed on signup can't has empty email
// @TODO introduce new message since usecase here is same as temp user empty email but it's not temp user anymore
$this->mStatusMsg = wfMsg('editaccount-error-tempuser-email');
return false;
}
$this->mUser->invalidateEmail();
}
$this->mUser->saveSettings();
// Check if everything went through OK, just in case
if ($this->mUser->getEmail() == $email) {
global $wgUser, $wgTitle;
$log = new LogPage('editaccnt');
$log->addEntry('mailchange', $wgTitle, $changeReason, array($this->mUser->getUserPage()));
if ($email == '') {
$this->mStatusMsg = wfMsg('editaccount-success-email-blank', $this->mUser->mName);
} else {
$this->mStatusMsg = wfMsg('editaccount-success-email', $this->mUser->mName, $email);
}
wfRunHooks('EditAccountEmailChanged', array($this->mUser));
return true;
} else {
$this->mStatusMsg = wfMsg('editaccount-error-email', $this->mUser->mName);
return false;
}
} else {
$this->mStatusMsg = wfMsg('editaccount-invalid-email', $email);
return false;
}
}
/**
* Entry point for reactivating an account
*
* Handles confirming the user's reactivation request when they have
* given a valid confirmation code. If no code is given, but they have
* a session ID from having successfully attempted to login to an account
* that has requested closure, this forwards to the reactivateRequest
* method.
*
* @requestParam string code - The confirmation code for reactivating an account
* @requestParam string username - The user name of the account to reactivate
* @requestParam string password - The password for the account to reactivate
* @requestParam string editToken - The edit token for the current user
* @requestParam string loginToken - The login token for the current user
* @responseParam boolean success - Whether or not reactivation was successful
* @responseParam string resultMessage - The result of the form submission
* @responseParam string errParam - The form item an error is related to
* @return void
*/
public function reactivate()
{
wfProfileIn(__METHOD__);
$this->code = $this->getVal('code', false);
if (empty($this->code)) {
if ($this->request->getSessionData('closeAccountSessionId') !== null) {
$this->forward(__CLASS__, 'reactivateRequest');
} else {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-empty-code')->parse();
}
wfProfileOut(__METHOD__);
return;
}
$this->getOutput()->setPageTitle($this->msg('closemyaccount-reactivate-page-title')->plain());
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
$user = $this->getUser();
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
$this->loginToken = UserLoginHelper::getLoginToken();
$this->editToken = $user->getEditToken();
$helper = new CloseMyAccountHelper();
if ($this->request->wasPosted() && $user->matchEditToken($this->request->getVal('editToken'))) {
if ($user->isAnon() && $this->request->getVal('loginToken') !== UserLoginHelper::getLoginToken()) {
$this->success = false;
$this->resultMessage = $this->msg('sessionfailure')->escaped();
wfProfileOut(__METHOD__);
return;
}
if ($this->username === '') {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-noname')->escaped();
$this->errParam = 'username';
wfProfileOut(__METHOD__);
return;
}
if ($this->password === '') {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-wrongpasswordempty')->escaped();
$this->errParam = 'password';
wfProfileOut(__METHOD__);
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!$expUser instanceof User) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-invalid-code', $this->username)->parse();
wfProfileOut(__METHOD__);
return;
}
$user = User::newFromName($this->username);
if ($user->getId() != $expUser->getId()) {
$this->success = false;
$this->resultMessage = $this->msg('wikiaconfirmemail-error-user-not-match')->parse();
$this->errParam = 'username';
wfProfileOut(__METHOD__);
return;
}
$userLoginHelper = new UserLoginHelper();
/* @var UserLoginHelper $userLoginHelper */
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->success = false;
$this->resultMessage = $this - msg('userlogin-error-login-throttled')->escaped();
$this->errParam = 'password';
wfProfileOut(__METHOD__);
return;
}
if ($helper->isClosed($user)) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-disabled')->parse();
wfProfileOut(__METHOD__);
return;
}
if (!$helper->isScheduledForClosure($user)) {
$this->success = false;
$this->resultMessage = $this->msg('closemyaccount-reactivate-error-not-scheduled')->escaped();
wfProfileOut(__METHOD__);
return;
}
if ($user->checkPassword($this->password)) {
$this->wg->User = $user;
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
$userLoginHelper->clearPasswordThrottle($this->username);
$helper->reactivateAccount($user);
unset($_SESSION['closeAccountSessionId']);
$userPageTitle = $user->getUserPage();
$this->getOutput()->redirect($userPageTitle->getFullURL());
} else {
$this->success = false;
$this->resultMessage = $this->msg('userlogin-error-wrongpassword')->escaped();
$this->errParam = 'password';
}
}
wfProfileOut(__METHOD__);
}
/**
* @param string $page
* @param string $queryString
* @param string $extraQueryString
* @param int $cbVal
* @param Title $actualTitle
* @param string $actualQueryString
*
* @dataProvider getRedirectUrlDataProvider
*/
public function testGetRedirectUrl($page, $queryString, $extraQueryString, $cbVal, Title $actualTitle, $actualQueryString)
{
$request = F::app()->wg->Request;
$request->setVal('returnto', $page);
$request->setVal('returntoquery', $queryString);
$userLoginHelper = new UserLoginHelper();
$testUrl = $userLoginHelper->getRedirectUrl($extraQueryString, $cbVal);
$actualUrl = $actualTitle->getFullUrl($actualQueryString);
$this->assertEquals($testUrl, $actualUrl);
}
/**
* @brief retrieves valid login token
*/
public function retrieveLoginToken()
{
$this->loginToken = UserLoginHelper::getLoginToken();
}
public function initUser(User &$u, $autocreate, $skipConfirm = false)
{
global $wgCityId;
if (!parent::initUser($u, $autocreate)) {
return false;
}
/*
* Remove when SOC-217 ABTest is finished
*/
$isAllowRegisterUnconfirmed = $this->isAllowedRegisterUnconfirmed();
/*
* end remove
*/
if ($skipConfirm === false) {
/*
* Remove when SOC-217 ABTest is finished
*/
$u->setGlobalAttribute(UserLoginSpecialController::NOT_CONFIRMED_LOGIN_OPTION_NAME, $isAllowRegisterUnconfirmed ? UserLoginSpecialController::NOT_CONFIRMED_LOGIN_ALLOWED : UserLoginSpecialController::NOT_CONFIRMED_LOGIN_NOT_ALLOWED);
/*
* end remove
*/
// Set properties that will require user to confirm email after signup
$u->setGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME, $this->mReturnTo);
$u->setGlobalFlag(UserLoginSpecialController::NOT_CONFIRMED_SIGNUP_OPTION_NAME, true);
$u->setGlobalFlag(UserLoginSpecialController::SIGNED_UP_ON_WIKI_OPTION_NAME, $wgCityId);
$u->saveSettings();
UserLoginHelper::setNotConfirmedUserSession($u->getId());
}
wfRunHooks('AddNewAccount', array($u, false));
/*
* Remove when SOC-217 ABTest is finished
*/
if ($isAllowRegisterUnconfirmed) {
$u->setCookies();
}
/*
* end remove
*/
return true;
}
/**
* Confirm email page.
* @requestParam string code - on GET, POST
* @requestParam string username - on POST
* @requestParam string password - on POST
* @responseParam string result [ok/error]
* @responseParam string msg - result messages
* @responseParam string errParam - error param
*/
public function index()
{
$this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
// hide things in the skin
$this->wg->SuppressWikiHeader = false;
$this->wg->SuppressPageHeader = false;
$this->wg->SuppressFooter = true;
$this->wg->SuppressAds = true;
$this->wg->SuppressToolbar = true;
$this->wg->Out->setPageTitle(wfMsg('wikiaconfirmemail-heading'));
$par = $this->request->getVal('par', '');
$this->code = $this->request->getVal('code', $par);
$this->username = $this->request->getVal('username', '');
$this->password = $this->request->getVal('password', '');
if ($this->code == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-empty-code');
return;
}
if ($this->wg->request->wasPosted()) {
if ($this->username == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-noname');
$this->errParam = 'username';
return;
}
if ($this->password == '') {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpasswordempty');
$this->errParam = 'password';
return;
}
$expUser = User::newFromConfirmationCode($this->code);
if (!is_object($expUser)) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-invalid-code');
return;
}
// User - activate user, confirm email and redirect to user page or create new wiki
$tempUser = TempUser::getTempUserFromName($this->username);
if ($tempUser) {
if ($tempUser->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
$this->errParam = 'username';
return;
}
$userLoginHelper = F::build('UserLoginHelper');
if ($userLoginHelper->isPasswordThrottled($this->username)) {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-login-throttled');
$this->errParam = 'password';
return;
}
$user = $tempUser->mapTempUserToUser(false);
if ($user->checkPassword($this->password)) {
$this->wg->user = $tempUser->activateUser($user);
$this->wg->User->setCookies();
LoginForm::clearLoginToken();
TempUser::clearTempUserSession();
$userLoginHelper->clearPasswordThrottle($this->username);
// redirect user
if ($tempUser->getSource() == '') {
$titleObj = $this->wg->User->getUserPage();
$query = '';
} else {
$titleObj = SpecialPage::getTitleFor('CreateNewWiki');
$query = $tempUser->getSource();
}
$this->wg->out->redirect($titleObj->getFullURL($query));
return;
} else {
$this->result = 'error';
$this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
$this->errParam = 'password';
return;
}
}
// User - confirm email and redirect to user page
$user = User::newFromName($this->username);
if (!$user instanceof User || $user->getId() != $expUser->getId()) {
$this->result = 'error';
$this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
$this->errParam = 'username';
return;
}
// set login token
$this->wg->request->setVal('loginToken', UserLoginHelper::getLoginToken());
// login
$response = $this->app->sendRequest('UserLoginSpecial', 'login');
$this->result = $response->getVal('result', '');
$this->msg = $response->getVal('msg', '');
$this->errParam = $response->getVal('errParam', '');
if ($this->result == 'ok') {
$optionNewEmail = $this->wg->User->getOption('new_email');
if (!empty($optionNewEmail)) {
$user->setEmail($optionNewEmail);
}
$user->confirmEmail();
$user->setOption('new_email', null);
$user->saveSettings();
$this->wf->RunHooks('ConfirmEmailComplete', array(&$user));
// redirect user
$userPage = $user->getUserPage();
$this->wg->out->redirect($userPage->getFullURL());
}
}
}
/**
* Send a confirmation email to the user. This is used when the user doesn't
* have an email registered with Facebook and provides us one in the signup form.
*/
private function sendConfirmationEmail()
{
$userLoginHelper = new UserLoginHelper();
$userLoginHelper->sendConfirmationEmail($this->mUsername);
}
