/**
* change user's email and send reconfirmation email
* @requestParam string username
* @requestParam string email
* @responseParam string result [ok/error/invalidsession/confirmed]
* @responseParam string msg - result messages
* @responseParam string errParam - error param
*/
public function changeUnconfirmedUserEmail()
{
// get new email from request
$email = $this->request->getVal('email', '');
$username = $this->request->getVal('username');
if (!($this->isValidEmailFieldValue($email) && $this->isValidUsernameField($username))) {
return;
}
$user = User::newFromName($username);
if (!($this->isValidUser($user) && $this->isValidSession($user))) {
return;
}
// check email changes limit
$memKey = wfSharedMemcKey('wikialogin', 'email_changes', $user->getId());
// CONN-471: Respect the registration per email limit
if (!($this->isWithinEmailChangesLimit($memKey) && $this->isWithinRegistrationPerEmailLimit($email))) {
return;
}
// increase counter for email changes
$this->userLoginHelper->incrMemc($memKey);
$this->setResponseFields('ok', wfMessage('usersignup-reconfirmation-email-sent', $email)->escaped());
if ($email != $user->getEmail()) {
$user->setEmail($email);
// CONN-471: Call AbortNewAccount to validate username/password with Phalanx
if ($this->isBlockedByPhalanx($user)) {
return;
}
// send reconfirmation email
$result = $user->sendReConfirmationMail();
$user->saveSettings();
// set counter to 1 for confirmation emails sent
$memKey = $this->userLoginHelper->getMemKeyConfirmationEmailsSent($user->getId());
$this->wg->Memc->set($memKey, 1, 24 * 60 * 60);
if (!$result->isGood()) {
$this->setResponseFields('error', wfMessage('userlogin-error-mail-error', $result->getMessage())->parse());
}
}
}
/**
* UserLogin: send a confirmation email a new account has been created
*/
public function sendConfirmationEmail()
{
$this->response->setFormat('json');
$this->response->setCacheValidity(\WikiaResponse::CACHE_DISABLED);
$this->response->setVal('success', false);
if ($this->getVal('secret') != $this->wg->TheSchwartzSecretToken) {
$this->response->setVal('message', 'invalid secret');
return;
}
if (!$this->wg->EmailAuthentication) {
$this->response->setVal('message', 'email authentication is not required');
return;
}
$username = $this->getVal('username');
wfWaitForSlaves($this->wg->ExternalSharedDB);
$user = \User::newFromName($username);
if (!$user instanceof \User) {
$this->response->setVal('message', 'unable to create a \\User object from name');
return;
}
if (!$user->getId()) {
$this->response->setVal('message', 'no such user');
return;
}
if ($user->isEmailConfirmed()) {
$this->response->setVal('message', 'already confirmed');
return;
}
$userLoginHelper = new \UserLoginHelper();
$memcKey = $userLoginHelper->getMemKeyConfirmationEmailsSent($user->getId());
$emailsSent = intval($this->wg->Memc->get($memcKey));
if ($user->isEmailConfirmationPending() && strtotime($user->mEmailTokenExpires) - strtotime('+6 days') > 0 && $emailsSent >= \UserLoginHelper::LIMIT_EMAILS_SENT) {
$this->response->setVal('message', 'confirmation emails limit reached');
return;
}
if (!\Sanitizer::validateEmail($user->getEmail())) {
$this->response->setVal('message', 'invalid email');
return;
}
$langCode = $this->getVal('langCode', 'en');
$mailTemplate = $this->app->renderView('UserLogin', 'GeneralMail', ['language' => $langCode, 'type' => 'confirmation-email']);
$lang = \Language::factory($langCode);
$mailStatus = (new GlobalStateWrapper(['wgLang' => $lang]))->wrap(function () use($user, $mailTemplate, $langCode) {
return $user->sendConfirmationMail(false, 'ConfirmationMail', 'usersignup-confirmation-email', true, $mailTemplate, $langCode);
});
if (!$mailStatus->isGood()) {
$this->response->setVal('message', 'could not send an email message');
return;
}
$this->response->setVal('success', true);
}
